
mace-opensaml-users - [OpenSAML] Problem reading SAML response

Subject: OpenSAML user discussion

  • From: <>
  • To:
  • Subject: [OpenSAML] Problem reading SAML response
  • Date: Thu, 29 Jul 2010 23:06:34 -0400 (EDT)

Hi, Can you please help me with this issue. Thank you so much in advance.

I used the code below to read the SAML response:

HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool());
HttpServletRequestAdapter adapter = new HttpServletRequestAdapter(request);
BasicSAMLMessageContext context = new BasicSAMLMessageContext();
context.setInboundMessageTransport(adapter);
decode.decode(context);
relayState = adapter.getParameterValue(this.RELAY_STATE_PARAM); // decode.getRelayState();
// Only decode the relay state if there is one
if ((relayState != null) && (relayState.equalsIgnoreCase("") == false))
{
    relayState = new String(Base64.decode(relayState));
}

XMLObjectBuilderFactory builderFactory = org.opensaml.Configuration.getBuilderFactory();
ResponseBuilder rspBldr = (ResponseBuilder) builderFactory.getBuilder(Response.DEFAULT_ELEMENT_NAME);
Response rsp = rspBldr.buildObject();
rsp = (Response) context.getInboundMessage();
this.inResponseTo = rsp.getInResponseTo();
LOGGER.debug("Completed Step1");
if (inResponseTo != null) {
    LOGGER.debug(inResponseTo.toString());
}

This code works without any problem for the XML below:

<Response Destination="https://myurl/sp/ACS.saml2"
ID="_be0417df481888bcc9a230d159002a733b4b" IssueInstant="2010-07-29T22:54:54Z"
Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:protocol">
<ns1:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion">https://solmeurl</ns1:Issuer>
<Status>
<StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
</Status>
<ns2:Assertion ID="_be7f4b4a5729bfbdb794574aa6cc79245658"
IssueInstant="2010-07-29T22:54:54Z" Version="2.0"
xmlns:ns2="urn:oasis:names:tc:SAML:2.0:assertion">
<ns2:Issuer
Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://somerl</ns2:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10xml-exc-c14n#"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09xmldsig#rsa-sha1"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<ds:Reference URI="#_be7f4b4a5729bfbdb794574aa6cc79245658"
mlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:Transforms xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:Transform
Algorithm="http://www.w3.org/2000/09xmldsig#enveloped-signature"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<ds:DigestValue
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">CkYboAHdsFZVG492+XGfFwYL2G4=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">abc</ds:SignatureValue>
……………………

But it is not able to read the samlp:Response tag. Any idea where I can define the
namespace and read this samlp:Response XML object?

<?xml version="1.0" encoding="UTF-8"?><samlp:Response
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Destination="someurl"
ID="m8h2JP9iKUDTbPsBffZSm2WGC2M" IssueInstant="2010-07-29T14:52:43.578Z"
Version="2.0"><saml:Issuer
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">preprodsaml.integration.hrportalweb.com</saml:Issuer><ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#m8h2JP9iKUDTbPsBffZSm2WGC2M">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>bAsQA4vl5RMGPt0lLuH7LDWW2Gw=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
dfgd/HpWbrBkAnHR8X9rm4wTnG7Ot+BKk6apFVOdhUQO1gLo1xMU
5mYRWrPUJA2J7JF5V34rWzEhTcFDDSspzsGU1uBinYzve2cMBqaQpOg4+RwEdsjyvdGRv/IorZOJ
H+wfKQq/F3YCEdFTGDA=
</ds:SignatureValue>
</ds:Signature><samlp:Status><samlp:StatusCode
Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status><saml:EncryptedAssertion
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><xenc:EncryptedData
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/><ds:KeyInfo
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<xenc:EncryptedKey
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/><xenc:CipherData
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:CipherValue
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">d9e0/jTBM9VBn0kmJLfz/ttfMDRgf0H
2x6XKAz1n9tJQCOLxbf4gQZs8nwTITgfxixV+Olf7cs8K
OIUXJ5Y+ycoEyshk7Zxs/xhhWaFRFTnKh6SQTQ93YjKU5eVpaaNd5p258YqnVXte/NlmS2Gf2zTL
………………………………………………
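
The post asks where to define the namespace so that samlp:Response can be read. As an added example (not the poster's code and not OpenSAML code; it uses only JDK classes, and the two one-line documents and the class name SamlRootNameCheck are constructed for illustration), this shows how a DOM parser identifies the root element of each form with and without namespace awareness:

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Element;

public class SamlRootNameCheck {
    // Qualified name of the SAML 2.0 protocol Response element.
    static final QName RESPONSE =
        new QName("urn:oasis:names:tc:SAML:2.0:protocol", "Response");

    // Constructed samples: the same element, default namespace vs. samlp: prefix.
    static final String DEFAULT_NS =
        "<Response xmlns=\"urn:oasis:names:tc:SAML:2.0:protocol\" Version=\"2.0\"/>";
    static final String PREFIXED =
        "<samlp:Response xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\""
        + " Version=\"2.0\"/>";

    static Element parseRoot(String xml, boolean namespaceAware) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(namespaceAware);
        // SAML responses are untrusted input: refuse DOCTYPE declarations.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        return f.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)))
                .getDocumentElement();
    }

    // Matches on namespace URI + local name; the prefix plays no part.
    // Both getters return null when the document was parsed without
    // namespace awareness, so the check fails in that mode.
    static boolean isSamlResponse(Element root) {
        return RESPONSE.getNamespaceURI().equals(root.getNamespaceURI())
            && RESPONSE.getLocalPart().equals(root.getLocalName());
    }

    public static void main(String[] args) throws Exception {
        for (String xml : new String[] {DEFAULT_NS, PREFIXED}) {
            Element aware = parseRoot(xml, true);
            Element unaware = parseRoot(xml, false);
            System.out.printf("%-15s aware=%b unaware=%b%n",
                aware.getNodeName(), isSamlResponse(aware), isSamlResponse(unaware));
        }
    }
}
```

With namespace awareness enabled, both roots report the same namespace URI and local name; only the prefix shown by getNodeName() differs.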


