mace-opensaml-users - Re: [OpenSAML] Problem Validating an Assertion

Subject: OpenSAML user discussion

List archive

Re: [OpenSAML] Problem Validating an Assertion

From: Suneet Shah <>
To:
Subject: Re: [OpenSAML] Problem Validating an Assertion
Date: Mon, 01 Mar 2010 00:54:22 -0500
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; b=XsLLEg+Jk3HtLY8P1gQc7c0jpS7flbWTgPkudU+uUcJVpF+wLdBW/vEoKHcnmOXgXF TE7eWGq/zU65lldoJLNC79eZQ3joNyuczrFqTsgjkDCao5LCiX3GHoTMB/vWSjmA6gx3 yvPbNNCZj5H3yyn1nGQNj7EU1FIF7SqGyGBVs=

Thanks Sidhartha . I have updated the assertion and pasted the exception. I am still getting the same error:

<?xml version="1.0" encoding="UTF-8"?>
<saml2:Assertion ID="3d1932b26ecf433eb365ee9453f47f64" IssueInstant="2010-03-01T05:50:16.320Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"><saml2:Issuer>openiam</saml2:Issuer><saml2:Subject><saml2:NameID Format="NameIdentifierType" NameQualifier="openiam">3006</saml2:NameID></saml2:Subject><saml2:Conditions NotBefore="2010-03-01T05:50:16.320Z" NotOnOrAfter="2010-03-01T06:20:16.888Z"/><saml2:AuthnStatement AuthnInstant="2010-03-01T05:50:16.320Z"><saml2:AuthnContext><saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml2:AuthnContextClassRef></saml2:AuthnContext></saml2:AuthnStatement></saml2:Assertion>

SEVERE: XML Parsing Error
org.xml.sax.SAXParseException: Content is not allowed in prolog.
at org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException(Un
known Source)
at org.apache.xerces.util.ErrorHandlerWrapper.fatalError(Unknown Source)

at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
at org.apache.xerces.impl.XMLScanner.reportFatalError(Unknown Source)
at org.apache.xerces.impl.XMLDocumentScannerImpl$PrologDispatcher.dispat
ch(Unknown Source)
at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Un
known Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source)
at org.opensaml.xml.parse.BasicParserPool$DocumentBuilderProxy.parse(Bas
icParserPool.java:637)

Sidhartha Priye wrote:

Dont see any exceptions in your original post. Why do you have a xmnls="openiam" as your namespace for Assertion to go with the one you have already defined -
"urn:oasis:names:tc:SAML:2.0:assertion".

Why not try with a basic Assertion first -

<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="123" IssueInstant="2010-03-01T05:30:49.730Z" Version="2.0">
http://localhost:9088
<saml2:Subject>
<saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName">mbrendish</saml2:NameID>
</saml2:Subject>
</saml2:Assertion>

------------------------------------------------------------------------
*From:* Suneet Shah
<>
*To:*

*Sent:* Mon, March 1, 2010 12:19:53 AM
*Subject:* [OpenSAML] Problem Validating an Assertion

Hello:

I am trying to validate an assertion, but am getting the following parsing exception. Any thoughts on what could be doing wrong?

I am using SOAPUI for my tests.

Thanks in advance for your help

-- Sample Assertion --

<?xml version="1.0" encoding="UTF-8"?>
<saml2:Assertion ID="acae8abb69174e258bd1e746aa2a8a45" IssueInstant="2010-03-01T05:03:23.113Z" Version="2.0" xmlns="openiam" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"><saml2:Issuer>openiam</saml2:Issuer><saml2:Subject><saml2:NameID Format="NameIdentifierType" NameQualifier="openiam">3006</saml2:NameID></saml2:Subject><saml2:Conditions NotBefore="2010-03-01T05:03:23.113Z" NotOnOrAfter="2010-03-01T05:33:23.684Z"/><saml2:AuthnStatement AuthnInstant="2010-03-01T05:03:23.113Z"><saml2:AuthnContext><saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml2:AuthnContextClassRef></saml2:AuthnContext></saml2:AuthnStatement></saml2:Assertion>

-- Validation Code --

public boolean isTokenValid(String userId, String token) {
StringReader reader = new StringReader(token);
try {
BasicParserPool ppMgr = new BasicParserPool();
ppMgr.setNamespaceAware(true);
Document inCommonMDDoc = ppMgr.parse(reader);
Element metadataRoot = inCommonMDDoc.getDocumentElement();
UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(metadataRoot);
Assertion samlAssertion = (Assertion)unmarshaller.unmarshall(metadataRoot);
samlAssertion.validate(true);
return true;
}catch(Exception e) {
log.error("Error during token validation: " + e);
return false;
}

}

Problem Validating an Assertion, Suneet Shah, 03/01/2010
- Re: [OpenSAML] Problem Validating an Assertion, Sidhartha Priye, 03/01/2010
  - Re: [OpenSAML] Problem Validating an Assertion, Suneet Shah, 03/01/2010
    - Re: [OpenSAML] Problem Validating an Assertion, Sidhartha Priye, 03/01/2010
      - Re: [OpenSAML] Problem Validating an Assertion, Suneet Shah, 03/01/2010
      - Re: [OpenSAML] Problem Validating an Assertion, Brent Putman, 03/01/2010
        
        Re: [OpenSAML] Problem Validating an Assertion, Suneet Shah, 03/01/2010
        
        RE: [OpenSAML] Problem Validating an Assertion, Scott Cantor, 03/01/2010
        
        Re: [OpenSAML] Problem Validating an Assertion, Suneet Shah, 03/01/2010
        Re: [OpenSAML] Problem Validating an Assertion, Xavier Drudis Ferran, 03/01/2010
        Re: [OpenSAML] Problem Validating an Assertion, Suneet Shah, 03/01/2010
    - Re: [OpenSAML] Problem Validating an Assertion, Brent Putman, 03/01/2010

List archive

Re: [OpenSAML] Problem Validating an Assertion