OpenSAML user discussion

[Brent Putman <>]

On 4/29/11 12:44 PM, 

 wrote:
> Hi All,
>
> Is there an easy way in the OpenSAML Java API to update the Transform
> algorithm when building a SAML Response? 

No, not easily really, because the transforms to use are mandated by the
SAML spec as a "SHOULD NOT contain transforms other than..." enveloped
and exclusive.   See SAML core 5.4.4.


> I could be way off here, but I made an attempt to create a Transform 
> object. I
> have no idea where to add it.
>

No, that's just the XMLObject provider to represent the XML.  Has
nothing to do with the signing process.



> If there is any assistance you can provide or if there is documentation on
> this topic anywhere, I would greatly appreciate any help. 

If you really want to know how to do it, you need to manipulate the
transforms that are on the Signature's ContentReference, specifically
the SAMLObjectContentReference.  The latter is auto-added to the
Signature when you call response.setSignature(signature).  After calling
this, you can obtain the content reference and from that the list of
transforms like so:

List<String> transforms =
((SAMLObjectContentReference)signature.getContentReferences().get(0)).getTransforms();

Then just mutate the list.


--Brent