Skip to Content.
Sympa Menu

mace-opensaml-users - RE: [OpenSAML] Unmarshall and validating an SAML file

Subject: OpenSAML user discussion

List archive

RE: [OpenSAML] Unmarshall and validating an SAML file


Chronological Thread 
  • From: Peter Williams <>
  • To: "" <>
  • Subject: RE: [OpenSAML] Unmarshall and validating an SAML file
  • Date: Sun, 1 Nov 2009 10:06:09 -0800
  • Accept-language: en-US
  • Acceptlanguage: en-US


Why not just try out https://code.crt.realtors.org/svn/websso/ rather than
struggle at every step!

It's a very basic wrapper around opensaml2, makes out a basic protocol
engine, but doesn't impose any higher religion on how to do or not do SSO. It
leaves that to you.

Ive seen happy folks adopt that java variety of that distribution. Don't know
if it's a maintained source, though.

I've also seen very happy folks using Spring security toolkit, which again
doesn't impose any religion on the use of opensaml2. You just receive a post
event at a page handler, assume its SAML value, unmarshall the posted blob
using the type verifier (and keying), then do X you decide with a bunch of
fields. Took one bean-happy developer (with no knowledge of SAML) about 40h
to get SSO and SLO done, working against a Liberty Interoperable (recently)
certified SAML2 server. They were delighted.



-----Original Message-----
From: Chad La Joie
[mailto:]
Sent: Sunday, November 01, 2009 9:51 AM
To:

Subject: Re: [OpenSAML] Unmarshall and validating an SAML file

It's possible. SAML 2 unmarshallers won't work for SAML 1.

murali mca wrote:
> Hi
>
> Thanks for all yours help so far.
>
> I am able to resolve the above errors by setting the endorsed files
> correctly.
>
> I am seeing the below error when I tried to marshal the SAML(generated
> using SAML1.0) file using saml2.0 API.
>
> SEVERE: This unmarshaller only operates on
> {urn:oasis:names:tc:SAML:2.0:protocol}Response elements not Response
> org.opensaml.xml.io.UnmarshallingException: This unmarshaller only operates
> on {urn:oasis:names:tc:SAML:2.0:protocol}Response elements not Response
> at
> org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.checkElementIsTarget(AbstractXMLObjectUnmarshaller.java:160)
> at
> org.opensaml.xml.io.AbstractXMLObjectUnmarshaller.unmarshall(AbstractXMLObjectUnmarshaller.java:93)
>
> Please can some one confirm me, if the above error is because of
> compatability between SAML generated with SAML1.0 and marshalling using
> SAML2.0?
>
> Once again Thanks for all yours help.
>
> Thanks,
> Regards
> --- On Tue, 27/10/09, Brent Putman
> <>
> wrote:
>
>
> From: Brent Putman
> <>
> Subject: Re: [OpenSAML] Unmarshall and validating an SAML file
> To:
>
> Date: Tuesday, 27 October, 2009, 2:01 AM
>
>
> I don't see anything obviously wrong with what you doing vis-a-vis the
> XML parsing. Not much can go wrong there, it's not even the opensaml
> code, just JAXP. So check that that is the correct filename, that the
> file isn't empty, etc.
>
> Are you sure the error is from that line? I don't see you calling
> DefaultBootstrap.bootstrap() in your code snippet. Failing to bootstrap
> the library that would most likely generate an NPE a few lines down,
> where an attempt would be made to use the (null reference) unmarshaller .
>
>
>
> murali mca wrote:
>>
>> When I ran the above piece of code, I am presenting with
>> responseRoot: null
>> "Exception in thread "main" _java.lang.NullPointerException_ "
>>
>> I am getting the "null", at this line. Element responseRoot =
>> inCommonMDDoc.getDocumentElement();
>> Please could you correct me if I am doing wrong in mycode.
>>
>> Thanks
>> Regards
>>
>>
>> <http://in.rd.yahoo.com/tagline_metro_4/*http://in.yahoo.com/trynew>
>
>
>
> Try the new Yahoo! India Homepage. Click here.
> http://in.yahoo.com/trynew

--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Net Services
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
,
http://www.switch.ch




Archive powered by MHonArc 2.6.16.

Top of Page