mace-opensaml-users - Re: [OpenSAML] local part cannot be "null" when creating a QName during unmarshalling an Assertion object
Subject: OpenSAML user discussion
List archive
Re: [OpenSAML] local part cannot be "null" when creating a QName during unmarshalling an Assertion object
Chronological Thread
- From: Chandra Tondepu <>
- To:
- Subject: Re: [OpenSAML] local part cannot be "null" when creating a QName during unmarshalling an Assertion object
- Date: Fri, 5 Mar 2010 16:18:03 -0500
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=L4DSBFtzGpy/8WiVMONOKdAwkFp+tbQ8eIXBjxggHT3jks914sLQsTnJWANZCRbejt 9Co6+lDQs08Y5O6E6yy8aLM2TA0NXJO0ti4iTLnZTFnTV1bm2XuLXm9Tqe6Fzt8I5agB J5h4MbTrT2R28eUiGt5N8P6HJphn3aXAEiVIM=
Scott; Do you mean to say pass "urn:oasis:names:tc:SAML:2.0:cm:sender-vouches" instead of "urn:oasis:names:tc:SAML:2.0:cm:bearer" in the SAML Assertion, as the primary Identity Provider is not generating this Assertion??
Chandra
On Fri, Mar 5, 2010 at 1:24 PM, Scott Cantor <> wrote:
> However we are operating within the limitations laid out by the client.If you're doing that, make sure you omit any SubjectConfirmation from the
They
> prefer to not change their preferred approach of using Spring NTLM to
render
> a UsernamePasswordToken. However they insist on using SAML (since it is a
> standard) to propagate a signed SAML token in the HTTP call made out to
the
> RESTful service. They want to embed the Principal (through NameID) in the
> SAML assertion, sign it and pass it into the http request. On the service
> end they want to validate the signature and retrieve the Principal to be
> used further downstream for logging into Filenet Content Engine using a
> Websphere Custom Login Module that operates on Identity assertion with
trust
> validation.
assertion and/or use the sender-vouches method, as it's designed for that
use case of simply claiming the identity from the client end.
-- Scott
- Re: [OpenSAML] local part cannot be "null" when creating a QName during unmarshalling an Assertion object, (continued)
- Re: [OpenSAML] local part cannot be "null" when creating a QName during unmarshalling an Assertion object, Sidhartha Priye, 03/04/2010
- Validating signatures, a way to verify?, Tom Delorenzi, 03/04/2010
- RE: [OpenSAML] Validating signatures, a way to verify?, Scott Cantor, 03/04/2010
- RE: [OpenSAML] Validating signatures, a way to verify?, Tom Delorenzi, 03/04/2010
- RE: [OpenSAML] Validating signatures, a way to verify?, Scott Cantor, 03/04/2010
- RE: [OpenSAML] local part cannot be "null" when creating a QName during unmarshalling an Assertion object, Scott Cantor, 03/04/2010
- Re: [OpenSAML] local part cannot be "null" when creating a QName during unmarshalling an Assertion object, Sidhartha Priye, 03/04/2010
- Re: [OpenSAML] local part cannot be "null" when creating a QName during unmarshalling an Assertion object, Chandra Tondepu, 03/05/2010
- Re: [OpenSAML] local part cannot be "null" when creating a QName during unmarshalling an Assertion object, Sidhartha Priye, 03/05/2010
- RE: [OpenSAML] local part cannot be "null" when creating a QName during unmarshalling an Assertion object, Scott Cantor, 03/05/2010
- Message not available
- Re: [OpenSAML] local part cannot be "null" when creating a QName during unmarshalling an Assertion object, Chandra Tondepu, 03/05/2010
- RE: [OpenSAML] local part cannot be "null" when creating a QName during unmarshalling an Assertion object, Scott Cantor, 03/05/2010
- Re: [OpenSAML] local part cannot be "null" when creating a QName during unmarshalling an Assertion object, Brent Putman, 03/03/2010
- Re: [OpenSAML] local part cannot be "null" when creating a QName during unmarshalling an Assertion object, Sidhartha Priye, 03/23/2010
Archive powered by MHonArc 2.6.16.