mace-opensaml-users - Re: [OpenSAML] XACML Unmarshalling ClassCast XSAnyImpl Exceptions
Subject: OpenSAML user discussion
List archive
- From: Anthony Whitehead <>
- To:
- Subject: Re: [OpenSAML] XACML Unmarshalling ClassCast XSAnyImpl Exceptions
- Date: Sat, 24 Apr 2010 12:37:52 +0200
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=trj7RpSkuwWPj0RMv8WbRBzBjIta99g1ShYCxEHPGZ3Mxf9M4xRKQ0tmeVIn0uPEwR +ze2A+X8c7rrFmhF5N5/TTwJh4UeN41PfTbAocTjywsOjK/3XoDqp3tEpofSwIMHQZKb 8d/zVVFMKQ/BH8CdiMx+Iqj6qO2RGypN2YKWs=
Thanks for the response Brent, I understand the issue now.
Since several other implementations are using the older version of the profile (and it still seems to be the published
official version!!), is there a version of OpenSAML that contains support for the older profile? I can imagine that this
issue hurts OpenSAML interoperation in some cases.
I don't mind using the xmltooling library to roll my own support for this older profile, but I'd rather not have to.
Again, thanks for the response,
/Ant
On Sat, Apr 24, 2010 at 3:03 AM, Brent Putman <> wrote:
The actual runtime object that's getting unmarshalled appears to be an
On 4/23/10 11:45 AM, Anthony Whitehead wrote:
>
> Here is the exception:
>
> java.lang.ClassCastException: org.opensaml.xml.schema.impl.
> XSAnyImpl
>
XSAny, which is the default object provider that's used when the Element
or type QName is not one that has registered support in the providers
registered with the unmarshaller factory.
>
> Here is the simple testing code:
>
>
> Unmarshaller queryUnmarshaller =That actual cast error above is happening ultimately b/c you're
> Configuration.getUnmarshallerFactory().getUnmarshaller(XACMLAuthzDecisionQueryType.DEFAULT_ELEMENT_NAME_XACML20);
>
explictly getting an unmarshaller for that specific type, as opposed to
using getUnmarshaller(element) and letting it up the right unmarshaller
impl based on the actual element that you are using. Although doing
that wouldn't solve your problem (see below), you'd basically just be
pushing the casting error to a different point in your processing
(assuming you eventually cast it in your code to a
XACMLAuthzDecisionQueryType).
But you're real problem is here. The SAML profile of XACML that's
>
> And here is the simple XACML data:
> <?xml version="1.0"
> encoding="UTF-8"?><xacml-samlp:XACMLAuthzDecisionQuery
> xmlns:xacml-samlp="urn:oasis:xacml:2.0:saml:protocol:schema:os"
supported in OpenSAML is not that one. See this Jira issue, which will
hopefully explain things:
https://bugs.internet2.edu/jira/browse/JOST-34
Basically, there is no object provider support in OpenSAML for a
XACMLAuthzDecisionQuery element from the namespace
urn:oasis:xacml:2.0:saml:protocol:schema:os. The OpenSAML supports is
from namespace
urn:oasis:names:tc:xacml:2.0:profile:saml2.0:v2:schema:protocol.
HTH,
Brent
- XACML Unmarshalling ClassCast XSAnyImpl Exceptions, Anthony Whitehead, 04/23/2010
- Re: [OpenSAML] XACML Unmarshalling ClassCast XSAnyImpl Exceptions, Brent Putman, 04/23/2010
- Re: [OpenSAML] XACML Unmarshalling ClassCast XSAnyImpl Exceptions, Anthony Whitehead, 04/24/2010
- Re: [OpenSAML] XACML Unmarshalling ClassCast XSAnyImpl Exceptions, Chad La Joie, 04/24/2010
- Re: [OpenSAML] XACML Unmarshalling ClassCast XSAnyImpl Exceptions, Anthony Whitehead, 04/24/2010
- Re: [OpenSAML] XACML Unmarshalling ClassCast XSAnyImpl Exceptions, Chad La Joie, 04/24/2010
- Re: [OpenSAML] XACML Unmarshalling ClassCast XSAnyImpl Exceptions, Anthony Whitehead, 04/24/2010
- Re: [OpenSAML] XACML Unmarshalling ClassCast XSAnyImpl Exceptions, Brent Putman, 04/23/2010
Archive powered by MHonArc 2.6.16.