
mace-opensaml-users - Re: [OpenSAML] Problem reading SAML response

Subject: OpenSAML user discussion

  • From: Brent Putman <>
  • To:
  • Subject: Re: [OpenSAML] Problem reading SAML response
  • Date: Mon, 02 Aug 2010 16:08:50 -0400



On 7/30/10 11:27 PM, wrote:
>
> Below is the SAML response I am getting from my client. I used the code below to
> try to decrypt, but after the decryption is done, the assertion object seems to
> be null.
>



Upping the logging level to DEBUG should give a better idea what's going
on. Otherwise, I can't make a more specific suggestion as to what's
going on.



> List<EncryptedAssertion> eAssertions = rsponse.getEncryptedAssertions();
> EncryptedAssertion encryptedAssertion = eAssertions.get(0);
> Credential decryptionCredential = SecurityHelper.getSimpleCredential(publicKey, privateKey);
> BasicCredential credential = new BasicCredential();
> credential.setPrivateKey(privateKey);
> Decrypter decrypter = new Decrypter(null, new StaticKeyInfoCredentialResolver(credential), new InlineEncryptedKeyResolver());
> Assertion assertion = decrypter.decrypt(encryptedAssertion);
>



Well, I notice you aren't actually using the decryptionCredential that
you construct there with the SecurityHelper, you're instead creating yet
another Credential (called 'credential') that just has the private key.
That might be the source of the problem - Credentials are required to
have at a minimum either a public key or a secret. Unfortunately, the
current impl constructors don't enforce that. FYI, in v 3.0 they will
(i.e. no more no-arg constructor).

Except for that, this code looks ok, I don't spot anything immediately
wrong. That's assuming that the private key is the right one and so forth.
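
The change suggested in the reply above, as an added example that is not part of the original thread or of OpenSAML itself: the credential built by SecurityHelper (public and private key together) is the one handed to the Decrypter, and a missing or null result is surfaced instead of passed on. It assumes the OpenSAML 2.x package layout; the class and method names `EncryptedAssertionReader` and `decryptAll` are hypothetical.

```java
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.List;

import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.EncryptedAssertion;
import org.opensaml.saml2.core.Response;
import org.opensaml.saml2.encryption.Decrypter;
import org.opensaml.xml.encryption.DecryptionException;
import org.opensaml.xml.encryption.InlineEncryptedKeyResolver;
import org.opensaml.xml.security.SecurityHelper;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.keyinfo.StaticKeyInfoCredentialResolver;

// Hypothetical helper class (an assumption for this example, not an OpenSAML type).
public final class EncryptedAssertionReader {

    public static List<Assertion> decryptAll(Response response,
                                             PublicKey publicKey,
                                             PrivateKey privateKey)
            throws DecryptionException {
        // One credential carrying both halves of the key pair, so the
        // "public key or secret" requirement on Credentials is met.
        Credential decryptionCredential =
                SecurityHelper.getSimpleCredential(publicKey, privateKey);

        // No data-key resolver (null): the data key comes from the EncryptedKey
        // found inline, decrypted with the key-encryption credential above.
        Decrypter decrypter = new Decrypter(null,
                new StaticKeyInfoCredentialResolver(decryptionCredential),
                new InlineEncryptedKeyResolver());

        List<EncryptedAssertion> encrypted = response.getEncryptedAssertions();
        if (encrypted.isEmpty()) {
            throw new IllegalStateException("Response has no EncryptedAssertion elements");
        }

        List<Assertion> assertions = new ArrayList<Assertion>();
        for (EncryptedAssertion ea : encrypted) {
            Assertion assertion = decrypter.decrypt(ea);
            if (assertion == null) {
                // Fail closed rather than hand a null assertion to later checks.
                throw new IllegalStateException("Decrypter returned no assertion");
            }
            assertions.add(assertion);
        }
        return assertions;
    }
}
```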









