OpenSAML user discussion

[Chad La Joie <>]

Signer.signObject is what does the signature.  Move that above the 
encryption.

Deena Gurajala wrote:
> Hi,
>
> How can we achieve the XML encryption with openSAML library as per SAML 2.0
> Spec where it involves both Digital Signature and XML encryption.
>
> SAML 2.0 Spec says the following.
>
> "When a signed <Assertion> element is encrypted, the signature MUST first be
> calculated and placed within the <Assertion> element before the element is
> encrypted."
>
> How can we achieve the above? I was able to successfully encrypt the
> assertion using openSAML. I also know how to do sign the message. But I
> don't know how to do as it stated in spec.
>
> I was trying to do this.
>
> Response response=getResponse();
> Assertion assertion=getAssertion();
>
> Signature signature=getSignature();
> assertion.setSignature(signature);
>
> EncryptedAssertion encAssertion=getEncryptedAssertion(assertion);
> response.getEncryptedAssertion.add(encAssertion);
>
> MarshallerFactory marshalFact = Configuration .getMarshallerFactory();
> Marshaller marshaller = marshalFact.getMarshaller(response);
> Element responseElement = marshaller.marshall(response);
>
>  Signer.signObject(signature);
>
> But I don't see any signature when decrypt the assertion. It has signature
> in the assertion element. But signature value is empty.
>
> Can some body provide me steps?

--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Net Services
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
,
 http://www.switch.ch