Skip to Content.
Sympa Menu

mace-opensaml-users - Re: [OpenSAML] Need XMLObject in assertion, I believe

Subject: OpenSAML user discussion

List archive

Re: [OpenSAML] Need XMLObject in assertion, I believe


Chronological Thread 
  • From: Brent Putman <>
  • To:
  • Subject: Re: [OpenSAML] Need XMLObject in assertion, I believe
  • Date: Wed, 21 Apr 2010 17:20:05 -0400


On 4/21/2010 4:38 PM, Jason Countryman wrote:
You're right.  All I'm looking to do is a quick and dirty way of plugging that in.  This is what I have currently, but it's producing some strange output:


To add to everything that Scott already said (since I was already in the middle of responding):




userRoleAttribute.setNameFormat("http://www.hhs.gov/healthit/nhin");                     
XSStringBuilder stringBuilder111 = (XSStringBuilder) Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME);
XSString userRoleValue = stringBuilder111.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME,XSString.TYPE_NAME);
userRoleValue.setValue("<nhin:Role xmlns:nhin=\"http://www.hhs.gov/healthit/nhin\" code=\"112247003\" codeSystem=\"2.16.840.1.113883.6.96\" codeSystemName=\"SNOMED CT\" displayName=\"Medical doctor\" />");                     
                     
userRoleAttribute.getAttributeValues().add(userRoleValue);



The problem with the above is that the content model of the saml:AttributeValue that you want is *not* a string, that is, it's not an xs:string type per XMLSchema, so you can't use the XSString provider.  You need to use an XML object provider that will allow you to add element children.  The quick and dirty way is to use an XSAny to implement the AttributeValue.

Then, you need an XMLObject to represent your Role element. Again, the quick and dirty way is to use the XSAny  provider, which amongst other uses, is there to support things like the xs:anyType content model (which is the ur-type of the type model in XML Schema).





But the output it's creating has some weird extra chars:





Yeah, b/c it's being treated as a string, and not as an element child, so it's escaping characters which aren't otherwise legal in string content.



Where what I'm looking for is this:

<saml2:Attribute Name="UserRole" NameFormat="http://www.hhs.gov/healthit/nhin">
   <saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">
       <nhin:Role xmlns:nhin="http://www.hhs.gov/healthit/nhin" code="112247003" codeSystem="2.16.840.1.113883.6.96" codeSystemName="SNOMED CT" displayName="Medical doctor" />
   </saml2:AttributeValue>
<saml2:Attribute>



Yes, that's what I understood, except:  I doubt that you really want the AttributeValue to claim an xsi:type of xs:string, since it's not a legal string content model.  In this case, the xsi:type should probably just be omitted.



And I'm hoping to do it quick and dirty...not terribly complicated.





Attached is a quick and dirty example that I just coded up.  Note that I used the XSAny to represent both the AttributeValue (because you need to support element content) and the nhin:Role (as an alternative to implementing a full XMLObject provider set for that element).


HTH,
Brent



Attachment: XSAnyAttributeValueExample.java
Description: none


Archive powered by MHonArc 2.6.16.

Top of Page