mace-opensaml-users - Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>
Subject: OpenSAML user discussion
List archive
- From: Chad La Joie <>
- To:
- Subject: Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>
- Date: Wed, 24 Feb 2010 06:30:38 -0500
- Organization: Itumi, LLC
Yes, I know about that. I thought you were asking about the OpenSAML APIs which don't expose that. But yes, if you're going to do your own transformation that's fine. Just be very careful, if you don't anything to change the structure of the DOM (i.e. collapse whitespace) you will corrupt the signature.
On 2/24/10 6:27 AM, Guzman Llambias wrote:
Chad, thanks for the quick answer!
I asked if there exists something within the api because when I try using
Java Transformer to serialize and append it to the soap message something
gets broken. Do you know if java transformer with
OutputKeys.OMIT_XML_DECLARATIONS affects the signature?
I use something like this:
OutputStream out = new ByteArrayOutputStream();
StreamResult streamResult = new StreamResult();
streamResult.setOutputStream(out);
Transformer transformer = TransformerFactory.newInstance().newTransformer();
transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
transformer.transform(s, streamResult);
thanks a lot!
guzman
----- Mensaje original -----
De: "Chad La
Joie"<>
Para:
Enviados: MiƩrcoles, 24 de Febrero 2010 9:12:51 GMT -03:00 Montevideo
Asunto: Re: [OpenSAML] Remove<?xml version="1.0" encoding="UTF-8"?>
The XML declaration isn't part of the signature, nor is there a way to
remove it via the API. It's simply part of a valid XML document which
is what you get when you serialize out the XML.
On 2/24/10 6:06 AM, Guzman Llambias wrote:
Hi! I generated a signed SAML token and I want to use it in a RequestSecurityToken message of the
WS-Trust specificaction. Unfortunately, when I serialize the message and put it in the soap message, it
also puts the comment<?xml version="1.0" encoding="UTF-8"?>. Is there a way
to remove it using the api? if not, do you know a way to do so that doesn't break the signature?
thanks in advance!
Guzman
Here's an example of the problem
<soap:envelope>
<soap:header>
...
</soap:header>
<soap:body>
<wst:RequestSecurityToken>
...
<Base>
<?xml version="1.0" encoding="UTF-8"?><saml1:Assertion xmlns:saml1="urn:oasis:names:tc:SAML:1.0:assertion"
AssertionID="_6a44ae30d9a7ea65cc313ec28d70a7f4" IssueInstant="2010-02-12T17:08:12.328Z" Issuer="Agesic" MajorVersion="1"
MinorVersion="0">
...
</saml1:Assertion>
</Base>
</wst:RequestSecurityToken>
</soap:body>
</soap:envelope>
--
Chad La Joie
www.itumi.biz
trusted identities, delivered
- Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>, Guzman Llambias, 02/24/2010
- Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>, Chad La Joie, 02/24/2010
- Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>, Guzman Llambias, 02/24/2010
- Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>, Chad La Joie, 02/24/2010
- Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>, Guzman Llambias, 02/24/2010
- Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>, Chad La Joie, 02/24/2010
- Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>, Guzman Llambias, 02/24/2010
- Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>, Chad La Joie, 02/24/2010
Archive powered by MHonArc 2.6.16.