Skip to Content.
Sympa Menu

perfsonar-user - [perfsonar-user] AS Client

Subject: perfSONAR User Q&A and Other Discussion

List archive

[perfsonar-user] AS Client


Chronological Thread 
  • From: Herbert Monteiro <>
  • To:
  • Subject: [perfsonar-user] AS Client
  • Date: Fri, 20 Aug 2010 15:22:54 -0300
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=tdSMmE7dg8URA1uBbJsz6PSUieAKx0G4B6hJF7Kq5oM5Gc3LFIJVqZNp8ve0GrOWY3 Dxl5pUuOfUrJbB6Atv8ThH3rMAriBhEIJLkJQHZLEP2qOk6wXXg3sJaGZCYt1J5gu6ju dFQyqiRVctwJ8VI7WOHae5erCkrrWrpJQutlQ=
Hi all,

I can get a SAML Assertion 1.0 trough a RNP Service (see attached).
How can I create an AuthN message to send a perfSONAR Service?

In psB there is a function called addSAMLSTInMessage. Is it the way?

Regards


















































--
------------------------------------------------
Herbert Monteiro Souza
<?xml version="1.0" encoding="UTF-8"?>
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ds="htt
p://www.w3.org/2000/09/xmldsig#" xmlns:exc14n="http://www.w3.org/2001/10/xml-exc
-c14n#" xmlns:xs="http://www.w3.org/2001/XMLSchema"; AssertionID="uuid-9c66fe6f-d
0d0-45ee-a7bc-2515540f2139" IssueInstant="2010-08-20T17:17:41.784Z" Issuer="RNPS
TS" MajorVersion="1" MinorVersion="1">
   <saml:Conditions NotBefore="2010-08-20T17:17:41.784Z" NotOnOrAfter="2010-08-2
0T17:18:17.784Z"/>
   <saml:Advice/>
   <saml:AttributeStatement>
      <saml:Subject>
         <saml:NameIdentifier NameQualifier="http://stcfed.rnp.br";>joaogt@RNPSTS
</saml:NameIdentifier>
         <saml:SubjectConfirmation>
            <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm::sender-vouc
hes</saml:ConfirmationMethod>
            <ds:KeyInfo xmlns:ns5="http://www.w3.org/2001/XMLSchema-instance"; ns
5:type="KeyInfoType">
<xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";>
                  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xm
lenc#rsa-oaep-mgf1p"/>
                  <ds:KeyInfo>
                     <wsse:SecurityTokenReference xmlns:ns10="http://www.w3.org/
2001/10/xml-exc-c14n#" xmlns:ns6="http://schemas.xmlsoap.org/ws/2006/02/addressi
ngidentity" xmlns:ns7="http://www.w3.org/2000/09/xmldsig#"; xmlns:wssc="http://sc
hemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsse="http://docs.oasis-open.org/wss/2004
/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                        <wsse:KeyIdentifier ValueType="http://docs.oasis-open.or
g/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">
dVE29ysyFW/iD1la3ddePzM6IWo=</wsse:KeyIdentifier>
                     </wsse:SecurityTokenReference>
</ds:KeyInfo>
                  <xenc:CipherData>
                     <xenc:CipherValue>iwZjVHKZpRugTHHErjfEGO0gb1oG/vCZktRU4bORm
CiFVXRaUQoPDzd4PGe9YkgYn7DFmn9QrU/M
j8p4HJozQoXcgiCHTBdbHfv/SfAtjiyQhd1HLAKv529r/dqa0i43dGAUDhQYoNBbePPpMQ5u1zPv
kikf12zgxpyDpm3ZT1Q=</xenc:CipherValue>
                  </xenc:CipherData>
               </xenc:EncryptedKey>
            </ds:KeyInfo>
         </saml:SubjectConfirmation>
      </saml:Subject>
      <saml:Attribute AttributeName="http://schemas.xmlsoap.org/ws/2005/05/ident
ity/claims/givenname" AttributeNamespace="http://stcfed.rnp.br";>
         <saml:AttributeValue>JoÒo</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute AttributeName="http://schemas.xmlsoap.org/ws/2005/05/ident
ity/claims/role" AttributeNamespace="http://stcfed.rnp.br";>
         <saml:AttributeValue>faculty</saml:AttributeValue>
      </saml:Attribute>
      <saml:Attribute AttributeName="http://schemas.xmlsoap.org/ws/2005/05/ident
ity/claims/surname" AttributeNamespace="http://stcfed.rnp.br";>
         <saml:AttributeValue>Gonþalvez Tapes</saml:AttributeValue>
      </saml:Attribute>
   </saml:AttributeStatement>
   <ds:Signature>
      <ds:SignedInfo>
         <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc
-c14n#"/>
         <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sh
a1"/>
         <ds:Reference URI="#uuid-9c66fe6f-d0d0-45ee-a7bc-2515540f2139">
            <ds:Transforms>
               <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#envelo
ped-signature"/>
               <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";
/>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/
>
            <ds:DigestValue>G878UkQAui/j4widpZUVrlDzobs=</ds:DigestValue>
         </ds:Reference>
      </ds:SignedInfo>
      <ds:SignatureValue>ZmVAMs1gy+aNjHalDTZiwsFFMDcLAJ2h154P39FyEi+/VGOe/cI3TXn
pGcM3hEScR7/Gl3kc4mUW
4ULl39rO68n2jwJU+QQfbndIh7XfyjZk6RwKfnT19hrXd234xdZIk0FFTP0wdyqTWMILWlnCGzLv
2XHhLyfJ5c6XS84tZis=</ds:SignatureValue>
      <ds:KeyInfo>
         <ds:X509Data>
            <ds:X509Certificate>MIIDDzCCAnigAwIBAgIBAjANBgkqhkiG9w0BAQQFADBOMQsw
CQYDVQQGEwJBVTETMBEGA1UECBMK
U29tZS1TdGF0ZTEMMAoGA1UEChMDU1VOMQwwCgYDVQQLEwNKV1MxDjAMBgNVBAMTBVNVTkNBMB4X
DTA3MDMxMjEwMTgwNVoXDTE3MDMwOTEwMTgwNVowbzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNv
bWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UECxMDU1VO
MRowGAYDVQQDExF4d3NzZWN1cml0eXNlcnZlcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
v11fD4vbn2E+RpKgPkDFYzorrGsGqpdsmsZ3wGewLhSdrDI18Lugs6QcUUTq8dQ17xAWPITQWi0E
zXpUhdFTQAi4eiLJnV2SVirz4iyCqbZCzn0gCJxFcJ//+BYwIuWdTLrfya14+47gKBhFnNSZxmpj
Zlahf6105AZMTgt05BMCAwEAAaOB2zCB2DAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVu
U1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUdVE29ysyFW/iD1la3ddePzM6IWow
fgYDVR0jBHcwdYAUZ7plxs6VyOOOTSFyojDV0/YYjJWhUqRQME4xCzAJBgNVBAYTAkFVMRMwEQYD
VQQIEwpTb21lLVN0YXRlMQwwCgYDVQQKEwNTVU4xDDAKBgNVBAsTA0pXUzEOMAwGA1UEAxMFU1VO
Q0GCCQDbHkJaq6KijjANBgkqhkiG9w0BAQQFAAOBgQBWpPzVlkGUGarWc0ghob52gvWWjYoQ/2b1
zHqUcLGt1fGKcwS0m23PMCWjwcTv4AKz4ZAtymK9xe9UOoMkJt+N9SuOajGzKvpf7eXaC5d+CcGm
IhRDL+8Exz9DVqLDi8MVHd8oMg/WeP2c0q0TCDxXmATn6n9hC0abODh8cLUh7Q==</ds:X509Certifi
cate>
         </ds:X509Data>
      </ds:KeyInfo>
   </ds:Signature>
</saml:Assertion>

Archive powered by MHonArc 2.6.16.

Top of Page