OpenSAML user discussion

["Scott Cantor" <>]

> anther question, I hope i am not too boring. about encrypt, in C++,
> encrypt need get credential from metaprovider,

The shorthand methods at the opensaml layer rely on metadata. The encryption
primitives in the xmltooling later don't, they just rely on a Credential,
like with signing.

> I don't know why do so.
> why could not get credential in the same way  as signature.

You can, you'd just encrypt the objects yourself. You can find the code
(which is very minimal) in the EncryptedElementType::encrypt method
implementation.

> and does it
> mean we need another credential resolver xml file.

You never need an XML file, you need a DOM. Those are very different
requirements.

> as far as now, I
> could not understand the process of saml assertion encryption yet, but I
> think it should  use the same way between encryption and signature

It's a small change to add an encrypt method that doesn't take metadata, but
I had no use for it. Metadata is everything in this SAML implementation.
None of the code will be useful to you if you're not using it, it's found in
all of the important APIs. Using this library solely for XML manipulation is
a waste of your time.

-- Scott