mace-opensaml-users - Re: [OpenSAML] Problem Validating an Assertion

Subject: OpenSAML user discussion

  • From: Sidhartha Priye <>
  • To:
  • Subject: Re: [OpenSAML] Problem Validating an Assertion
  • Date: Sun, 28 Feb 2010 21:40:44 -0800 (PST)

Don't see any exceptions in your original post. Why do you have an xmlns="openiam" as your namespace for Assertion to go with the one you have already defined -
"urn:oasis:names:tc:SAML:2.0:assertion".

Why not try with a basic Assertion first -

<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="123" IssueInstant="2010-03-01T05:30:49.730Z" Version="2.0">
    <saml2:Issuer>http://localhost:9088</saml2:Issuer>
    <saml2:Subject>
        <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">mbrendish</saml2:NameID>
    </saml2:Subject>
</saml2:Assertion>




From: Suneet Shah <>
To:
Sent: Mon, March 1, 2010 12:19:53 AM
Subject: [OpenSAML] Problem Validating an Assertion

Hello:

I am trying to validate an assertion, but am getting the following parsing exception. Any thoughts on what I could be doing wrong?

I am using SOAPUI for my tests.

Thanks in advance for your help

-- Sample Assertion --

<?xml version="1.0" encoding="UTF-8"?>
<saml2:Assertion ID="acae8abb69174e258bd1e746aa2a8a45" IssueInstant="2010-03-01T05:03:23.113Z" Version="2.0" xmlns="openiam" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
    <saml2:Issuer>openiam</saml2:Issuer>
    <saml2:Subject>
        <saml2:NameID Format="NameIdentifierType" NameQualifier="openiam">3006</saml2:NameID>
    </saml2:Subject>
    <saml2:Conditions NotBefore="2010-03-01T05:03:23.113Z" NotOnOrAfter="2010-03-01T05:33:23.684Z"/>
    <saml2:AuthnStatement AuthnInstant="2010-03-01T05:03:23.113Z">
        <saml2:AuthnContext>
            <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml2:AuthnContextClassRef>
        </saml2:AuthnContext>
    </saml2:AuthnStatement>
</saml2:Assertion>

-- Validation Code --

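  import java.io.StringReader;
  import org.opensaml.Configuration;
  import org.opensaml.saml2.core.Assertion;
  import org.opensaml.xml.io.Unmarshaller;
  import org.opensaml.xml.io.UnmarshallerFactory;
  import org.opensaml.xml.parse.BasicParserPool;
  import org.w3c.dom.Document;
  import org.w3c.dom.Element;

  // Assumption: DefaultBootstrap.bootstrap() has already run, so unmarshallers are registered.
  public boolean isTokenValid(String userId, String token) {
      StringReader reader = new StringReader(token);
      try {
          // Parse the token text into a namespace-aware DOM tree.
          BasicParserPool ppMgr = new BasicParserPool();
          ppMgr.setNamespaceAware(true);
          Document inCommonMDDoc = ppMgr.parse(reader);
          Element metadataRoot = inCommonMDDoc.getDocumentElement();
          // Look up the unmarshaller for the root element and build the SAML object.
          UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
          Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(metadataRoot);
          Assertion samlAssertion = (Assertion) unmarshaller.unmarshall(metadataRoot);
          // Runs only the validators registered on this object tree; no signature
          // or Conditions time-window check happens here.
          samlAssertion.validate(true);
          return true;
      } catch (Exception e) {
          // Pass the exception itself so the stack trace reaches the log.
          log.error("Error during token validation", e);
          return false;
      }
  }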
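An added example (not from the thread or from the OpenSAML project): a plain JAXP check, run before unmarshalling, that shows what the extra xmlns="openiam" declaration asked about in the reply does to the parsed tree. The class name, the method name and the two trimmed input strings are constructed for illustration.

```java
import java.io.StringReader;
import java.util.ArrayList;
import java.util.List;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;
import org.xml.sax.InputSource;

public class AssertionNamespaceCheck {  // hypothetical class name
    static final String SAML2_NS = "urn:oasis:names:tc:SAML:2.0:assertion";

    // Returns "{namespace}localName" for every element outside the SAML 2.0 assertion namespace.
    static List<String> foreignElements(String xml) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        // Tokens arrive from outside: refuse DOCTYPE so no external entities are resolved.
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = dbf.newDocumentBuilder().parse(new InputSource(new StringReader(xml)));
        Element root = doc.getDocumentElement();
        // The unmarshaller is chosen from the root element's qualified name, so check it first.
        if (!SAML2_NS.equals(root.getNamespaceURI()) || !"Assertion".equals(root.getLocalName())) {
            throw new IllegalArgumentException(
                    "root is {" + root.getNamespaceURI() + "}" + root.getLocalName());
        }
        List<String> foreign = new ArrayList<>();
        NodeList all = doc.getElementsByTagNameNS("*", "*");
        for (int i = 0; i < all.getLength(); i++) {
            Element e = (Element) all.item(i);
            if (!SAML2_NS.equals(e.getNamespaceURI())) {
                foreign.add("{" + e.getNamespaceURI() + "}" + e.getLocalName());
            }
        }
        return foreign;
    }

    public static void main(String[] args) throws Exception {
        // Constructed inputs, trimmed from the assertion in the post.
        String issuer = "<saml2:Issuer>openiam</saml2:Issuer>";
        String prefixed = "<saml2:Assertion xmlns=\"openiam\" xmlns:saml2=\"" + SAML2_NS
                + "\" ID=\"a1\" Version=\"2.0\">" + issuer + "</saml2:Assertion>";
        // Same document, but with the Issuer written without its prefix.
        String unprefixedChild = prefixed.replace(issuer, "<Issuer>openiam</Issuer>");
        System.out.println("all prefixed:     " + foreignElements(prefixed));
        System.out.println("unprefixed child: " + foreignElements(unprefixedChild));
    }
}
```

A default-namespace declaration applies only to unprefixed element names, so the saml2:-prefixed elements stay in the SAML namespace, while an unprefixed child would be placed in openiam.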



