Posted to wss4j-dev@ws.apache.org by AyaJava <ja...@gmail.com> on 2007/03/05 05:32:28 UTC
Encrypt Assertion
Hello, I am new to cryptography. I have added an assertion to the security
header, and want to be able to encrypt the assertion with AES 256 and
digitally sign the entire xml message. I am not sure what is the next step
to take. I tried using

    WSSecEncrypt builder = new WSSecEncrypt();
    builder.setUserInfo("wss4jcert");
    builder.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
    builder.setSymmetricEncAlgorithm(WSConstants.AES_256);
    Vector parts = new Vector();
    WSEncryptionPart encP =
        new WSEncryptionPart("Assertion", XML.SAML_NS, "Element");
    parts.add(encP);
    builder.setParts(parts);

But this still leaves the Assertion in clear text. Any guidance greatly
appreciated. Thanks.

This is the xml:

    <soapenv:Envelope
        xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
        xmlns:xsd="http://www.w3.org/2001/XMLSchema"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <soapenv:Header>
        <wsse:Security soapenv:mustUnderstand="1"
            xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
          <Assertion AssertionID="faaed2eb3385208e5b9813eb5fc25518"
              IssueInstant="2007-03-05T04:19:46.326Z" Issuer="A R"
              MajorVersion="1" MinorVersion="1"
              xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
              xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
              xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol">
            <Conditions NotBefore="2007-03-05T04:19:46.326Z"
                NotOnOrAfter="2007-03-05T04:19:46.326Z" />
            <AttributeStatement>
              <Subject>
                <NameIdentifier>Book Price quote</NameIdentifier>
              </Subject>
              <Attribute AttributeName="ISBN"
                  AttributeNamespace="urn:oasis:names:tc:SAML:1.0:assertion"
                  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <AttributeValue>01234567890</AttributeValue>
              </Attribute>
            </AttributeStatement>
          </Assertion>
        </wsse:Security>
      </soapenv:Header>
      <soapenv:Body />
    </soapenv:Envelope>

This is the code

    SOAPEnvelope unsignedEnvelope = message.getSOAPEnvelope();
    Document doc = unsignedEnvelope.getAsDocument();
    WSSecHeader secHeader = new WSSecHeader();
    secHeader.insertSecurityHeader(doc);

    WSSecSAMLToken samlToken = new WSSecSAMLToken();
    SAMLAssertion assertion = new SAMLAssertion();
    assertion.setNotBefore(new Date());
    assertion.setNotOnOrAfter(new Date());
    assertion.setIssueInstant(new Date());
    assertion.setIssuer("A R");

    SAMLAttributeStatement attribStatement = new SAMLAttributeStatement();

    SAMLAttribute attrib = new SAMLAttribute();
    attrib.addValue("1234567890");
    attrib.setName("ISBN");
    attrib.setNamespace(XML.SAML_NS);
    attribStatement.addAttribute(attrib);

    SAMLSubject subject = new SAMLSubject();
    SAMLNameIdentifier nameId = new SAMLNameIdentifier();
    nameId.setName("Book Price quote");
    subject.setName(nameId);
    attribStatement.setSubject(subject);

    assertion.addStatement(attribStatement);

    samlToken.build(doc, assertion, secHeader);

--
View this message in context: http://www.nabble.com/Encrypt-Assertion-tf3345610.html#a9304562
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Encrypt Assertion
Posted by Ruchith Fernando <ru...@gmail.com>.
Hi,
On 3/5/07, AyaJava <ja...@gmail.com> wrote:
>
> Hello, I am new to cryptography. I have added an assertion to the security
> header, and want to be able to encrypt the assertion with AES 256 and
> digitally sign the entire xml message. I am not sure what is the next step
> to take. I tried using
> WSSecEncrypt builder = new WSSecEncrypt();
> builder.setUserInfo("wss4jcert");
> builder.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
> builder.setSymmetricEncAlgorithm(WSConstants.AES_256);
> Vector parts = new Vector();
> WSEncryptionPart encP =
> new WSEncryptionPart("Assertion",XML.SAML_NS, "Element");
> parts.add(encP);
> builder.setParts(parts);
You have to call builder.build() at this point.
Thanks,
Ruchith
>
> But this still leaves the Assertion in clear text. Any guidance greatly
> appreciated. Thanks.
>
> This is the xml:
> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> <soapenv:Header>
> <wsse:Security soapenv:mustUnderstand="1"
>
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
> <Assertion AssertionID="faaed2eb3385208e5b9813eb5fc25518"
> IssueInstant="2007-03-05T04:19:46.326Z" Issuer="A R"
> MajorVersion="1" MinorVersion="1"
> xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
> xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
> xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol">
> <Conditions NotBefore="2007-03-05T04:19:46.326Z"
> NotOnOrAfter="2007-03-05T04:19:46.326Z" />
> <AttributeStatement>
> <Subject>
> <NameIdentifier>Book Price quote</NameIdentifier>
> </Subject>
> <Attribute AttributeName="ISBN"
> AttributeNamespace="urn:oasis:names:tc:SAML:1.0:assertion"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> <AttributeValue>01234567890</AttributeValue>
> </Attribute>
> </AttributeStatement>
> </Assertion>
> </wsse:Security>
> </soapenv:Header>
> <soapenv:Body />
> </soapenv:Envelope>
>
> This is the code
>
> SOAPEnvelope unsignedEnvelope = message.getSOAPEnvelope();
> Document doc = unsignedEnvelope.getAsDocument();
> WSSecHeader secHeader = new WSSecHeader();
> secHeader.insertSecurityHeader(doc);
>
> WSSecSAMLToken samlToken = new WSSecSAMLToken();
> SAMLAssertion assertion = new SAMLAssertion();
> assertion.setNotBefore(new Date());
> assertion.setNotOnOrAfter(new Date());
> assertion.setIssueInstant(new Date());
> assertion.setIssuer("A R");
>
>
> SAMLAttributeStatement attribStatement = new
> SAMLAttributeStatement();
>
> SAMLAttribute attrib = new SAMLAttribute();
> attrib.addValue("1234567890");
> attrib.setName("ISBN");
> attrib.setNamespace(XML.SAML_NS);
> attribStatement.addAttribute(attrib);
>
> SAMLSubject subject = new SAMLSubject();
> SAMLNameIdentifier nameId = new SAMLNameIdentifier();
> nameId.setName("Book Price quote");
> subject.setName(nameId);
> attribStatement.setSubject(subject);
>
> assertion.addStatement(attribStatement);
>
> samlToken.build(doc, assertion, secHeader);
--
www.ruchith.org
www.wso2.org
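
Added example, not part of the original thread and not WSS4J project code: the setters in the question only configure the builder, and nothing in the document changes until build() runs, so this sketch calls build() and then checks that no clear-text Assertion remains. It assumes the WSS4J 1.5-style build(Document, Crypto, WSSecHeader) signature; the class name AssertionEncryptor, the method encryptAssertion and the file name crypto.properties are hypothetical.

```java
import java.util.Vector;

import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.message.WSSecEncrypt;
import org.apache.ws.security.message.WSSecHeader;
import org.w3c.dom.Document;

public class AssertionEncryptor {   // hypothetical helper class
    static final String SAML_NS = "urn:oasis:names:tc:SAML:1.0:assertion";
    static final String XENC_NS = "http://www.w3.org/2001/04/xmlenc#";

    /** Call after samlToken.build(doc, assertion, secHeader) has added the Assertion. */
    public static Document encryptAssertion(Document doc, WSSecHeader secHeader)
            throws WSSecurityException {
        // Assumption: crypto.properties (hypothetical name) is on the classpath and
        // points at a keystore holding the recipient certificate "wss4jcert".
        Crypto crypto = CryptoFactory.getInstance("crypto.properties");

        // Same configuration as in the question.
        WSSecEncrypt builder = new WSSecEncrypt();
        builder.setUserInfo("wss4jcert");
        builder.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
        builder.setSymmetricEncAlgorithm(WSConstants.AES_256);
        Vector parts = new Vector();
        parts.add(new WSEncryptionPart("Assertion", SAML_NS, "Element"));
        builder.setParts(parts);

        // The step missing from the question: build() performs the encryption
        // and adds the EncryptedKey to the security header.
        Document encrypted = builder.build(doc, crypto, secHeader);

        // Fail closed: refuse to hand back a message that still exposes the assertion.
        if (encrypted.getElementsByTagNameNS(SAML_NS, "Assertion").getLength() != 0) {
            throw new IllegalStateException("Assertion is still in clear text");
        }
        if (encrypted.getElementsByTagNameNS(XENC_NS, "EncryptedData").getLength() == 0) {
            throw new IllegalStateException("No xenc:EncryptedData element was produced");
        }
        return encrypted;
    }
}
```

On a JRE that ships with restricted JCE policy files, AES-256 also requires the unlimited-strength policy files to be installed.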