OpenSAML user discussion

[Chad La Joie <>]

If you are starting a new topic please don't respond to an existing thread.

What you're seeing is a classpath issues.  Be sure that all the jars 
bundled with opensaml are on the classpath.  In particular the xmlsec 
jar contains the class you're seeing in the error.  I have no experience 
with WebLogic so I have no idea how you do that.

Also, in regards to endorsement, you should only have the jars located 
in the "endorsed" directory that comes with OpenSAML within your 
JVM/container endorsed directory.  Copying everything over is not a good 
thing and will likely lead to other errors.

On 1/10/11 3:45 PM, Michael Sidelnikov wrote:
> Hello Chad,
> I am running into a problem when trying to sign the SAML assertion on
> WebLogic 10.3. The application deployes as a war file.
> Here is the exception:
> java.lang.NoClassDefFoundError: org/apache/xml/security/Init
> at
> org.opensaml.DefaultBootstrap.initializeXMLSecurity(DefaultBootstrap.java:103)
>
> at org.opensaml.DefaultBootstrap.bootstrap(DefaultBootstrap.java:79)
> at servlets.CreateRequestServlet.(Unknown Source)
> at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
> .........
>
> This exception occurs when DefaultBootstrap attempts to load a default
> configuration:
> DefaultBootstrap.bootstrap();
>
> I did some home work - I tried all fixes that were mentioned on the
> different forums:
> I created endorsed directories under the jre/lib and copied there the
> following jares:
> opensaml-2.2.3.jar
> resolver-2.9.1.jar
> serializer-2.7.1.jar
> slf4j-api-1.5.6.jar
> slf4j-jdk14-1.5.6.jar
> slf4j-nop-1.5.6.jar
> xalan-2.7.1.jar
> xercesImpl-2.9.1.jar
> xml-apis-2.9.1.jar
> xmlsec-2.0.jar
> I attached these jares to the classpath in the startWeblogic script and
> have added the weblogic.class.path property with all nessessary jars
> attached to it.
> Also I added the following jars to the WEB-INF/lib folder:
> catalina-root.jar
> commons-codec-1.3.jar
> jdom.jar
> opensaml-2.2.3.jar
> xmldsig.jar
> xmlsec-2.0.jar
> xmltooling-1.2.0.jar
> and updated weblogic.xml with the following part:
> <wls:container-descriptor>
> <wls:prefer-web-inf-classes>true</wls:prefer-web-inf-classes>
> </wls:container-descriptor>
> All these attempts led me to the same result - runtime exception.
> At this point I think that I need help to resolve this issue.
>
> Please, help... I am running out of time ...
>
> Thank you,
>
> Michael Sidelnikov
>
>  > Date: Mon, 10 Jan 2011 13:53:44 -0500
>  > From: 
>
>  > To: 
>
>  > Subject: Re: [OpenSAML] Questions - Just starting out with OpenSAML
>  >
>  > As we were just discussing on the Shib list. OpenSAML itself is not an
>  > SP (or IdP). The analogy I use is that OpenSAML vs. and SP is the
>  > difference between having an HTTP library and having a web server (Scott
>  > says socket library vs web server).
>  >
>  > The discussion on the Shibboleth list was actually about a person using
>  > the Spring Security SAML module so that might be an option. There is
>  > also oiosaml which is based on OpenSAML. Both are native Java but I
>  > can't vouch for the completeness or security rigor of either one.
>  >
>  > On 1/10/11 1:50 PM, Mark Barnes wrote:
>  > > Thank you for your response, Scott.
>  > >
>  > > I am looking at Shibboleth SP now.
>  > >
>  > > One of the first things I noted is that, when using Java Servlets, the
>  > > use of Apache is required. We don't use Apache. I'm not sure if we can
>  > > make that switch or not.
>  > >
>  > > Are there any examples of using OpenSAML directly by the service itself
>  > > that you can point me to?
>  > >
>  > > ---Mark
>  > >
>  > > 
> *From:*
>  > > 
> [mailto:]
>  *On Behalf Of
>  > > *Cantor, Scott E.
>  > > *Sent:* 07 January, 2011 8:51 PM
>  > > *To:* 
> <>
>  > > *Cc:* 
>
>  > > *Subject:* Re: [OpenSAML] Questions - Just starting out with OpenSAML
>  > >
>  > >
>  > > On Jan 7, 2011, at 8:24 PM, "Mark Barnes"
> <
>  > > 
> <mailto:>>
>  wrote:
>  > >
>  > > It looks like OpenSAML will the perfect solution.
>  > >
>  > > I would strongly urge you to adopt a complete SP implementation,
> whether
>  > > it's Shibboleth or otherwise. It's not a good use of time to reproduce
>  > > all that work, nor are you likely to end up with a comparable feature
>  > > set or maturity level of code.
>  > >
>  > > I have downloaded the source and binaries for OpenSAML 2.3.1, and
>  > > have been reading the user's manual at
>  > > https://spaces.internet2.edu/display/OpenSAML/OSTwoUserManual. I
>  > > must admit to being quite confused.
>  > >
>  > > The gap between this toolkit and a mature SP is enormous, so get
> used to
>  > > that feeling.
>  > >
>  > > The first example in the user's manual uses class BasicParserPool in
>  > > package org.opensaml.xml.parse, but I can't seem find this package or
>  > > even org.opensaml.xml . I browsed the jar file and the source and I
> just
>  > > don't see it.
>  > >
>  > > There are two other libraries that opensaml depends on, openws and
>  > > xmltooling. I believe the presumption now is that one is using maven to
>  > > pull in all the right components and automate the process.
>  > >
>  > > -- Scott
>  > >
>  >
>  > --
>  > Chad La Joie
>  > http://itumi.biz
>  > trusted identities, delivered

--
Chad La Joie
http://itumi.biz
trusted identities, delivered