mace-opensaml-users - Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>
Subject: OpenSAML user discussion
List archive
- From: Guzman Llambias <>
- To:
- Subject: Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>
- Date: Wed, 24 Feb 2010 09:36:11 -0200 (UYST)
You were right when I asked something about the api, because with this code
I'm having trouble and I think somehing wrong happends that may break the
signature. Do you know about some recommendations when using transformers?
because this code doesn't work for me.
I've put a man in the middle erase by hand the comments and work, but when I
use this code, it doesn't. So, I thought I'm doing something wrong here
Regards
guzman
----- Mensaje original -----
De: "Chad La Joie"
<>
Para:
Enviados: MiƩrcoles, 24 de Febrero 2010 9:30:38 GMT -03:00 Montevideo
Asunto: Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>
Yes, I know about that. I thought you were asking about the OpenSAML
APIs which don't expose that. But yes, if you're going to do your own
transformation that's fine. Just be very careful, if you don't anything
to change the structure of the DOM (i.e. collapse whitespace) you will
corrupt the signature.
On 2/24/10 6:27 AM, Guzman Llambias wrote:
> Chad, thanks for the quick answer!
>
> I asked if there exists something within the api because when I try using
> Java Transformer to serialize and append it to the soap message something
> gets broken. Do you know if java transformer with
> OutputKeys.OMIT_XML_DECLARATIONS affects the signature?
>
> I use something like this:
>
> OutputStream out = new ByteArrayOutputStream();
> StreamResult streamResult = new StreamResult();
> streamResult.setOutputStream(out);
> Transformer transformer = TransformerFactory.newInstance().newTransformer();
> transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
> transformer.transform(s, streamResult);
>
> thanks a lot!
> guzman
> ----- Mensaje original -----
> De: "Chad La
> Joie"<>
> Para:
>
> Enviados: MiƩrcoles, 24 de Febrero 2010 9:12:51 GMT -03:00 Montevideo
> Asunto: Re: [OpenSAML] Remove<?xml version="1.0" encoding="UTF-8"?>
>
> The XML declaration isn't part of the signature, nor is there a way to
> remove it via the API. It's simply part of a valid XML document which
> is what you get when you serialize out the XML.
>
> On 2/24/10 6:06 AM, Guzman Llambias wrote:
>> Hi! I generated a signed SAML token and I want to use it in a
>> RequestSecurityToken message of the WS-Trust specificaction.
>> Unfortunately, when I serialize the message and put it in the soap
>> message, it also puts the comment<?xml version="1.0" encoding="UTF-8"?>.
>> Is there a way to remove it using the api? if not, do you know a way to do
>> so that doesn't break the signature?
>>
>> thanks in advance!
>> Guzman
>>
>> Here's an example of the problem
>>
>> <soap:envelope>
>> <soap:header>
>> ...
>> </soap:header>
>> <soap:body>
>> <wst:RequestSecurityToken>
>> ...
>> <Base>
>> <?xml version="1.0" encoding="UTF-8"?><saml1:Assertion
>> xmlns:saml1="urn:oasis:names:tc:SAML:1.0:assertion"
>> AssertionID="_6a44ae30d9a7ea65cc313ec28d70a7f4"
>> IssueInstant="2010-02-12T17:08:12.328Z" Issuer="Agesic" MajorVersion="1"
>> MinorVersion="0">
>> ...
>> </saml1:Assertion>
>> </Base>
>> </wst:RequestSecurityToken>
>> </soap:body>
>> </soap:envelope>
>
--
Chad La Joie
www.itumi.biz
trusted identities, delivered
- Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>, Guzman Llambias, 02/24/2010
- Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>, Chad La Joie, 02/24/2010
- Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>, Guzman Llambias, 02/24/2010
- Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>, Chad La Joie, 02/24/2010
- Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>, Guzman Llambias, 02/24/2010
- Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>, Chad La Joie, 02/24/2010
- Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>, Guzman Llambias, 02/24/2010
- Re: [OpenSAML] Remove <?xml version="1.0" encoding="UTF-8"?>, Chad La Joie, 02/24/2010
Archive powered by MHonArc 2.6.16.