You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by St...@faa.gov on 2014/09/09 15:16:52 UTC
Parsing SAML Assertion from XML
I've inherited some legacy code that I need to update to handle SAML 2.0 assertions. Currently it handles SAML 1.1 assertions, which I still need it to do. The legacy code uses various flavors of CXF 2.3, WSS4J 1.5, and OpenSAML 1, so to do what I need to do I have to migrate to (at least) CXF 2.7, WSS4J 1.6 and OpenSAML 2. And of course right out of the gate I'm having some issues.
My legacy code parses a string containing a SAML 1.1 assertion using code something like this:
SAMLAssertion assertion;
InputStream in = new ByteArrayInputStream( xmlString.getBytes() );
Assertion = new SAMLAssertion;
It doesn't appear that you can parse a string quite as simply these days. I've found a few pointers online that may help, including this one:
http://stackoverflow.com/questions/4667873/creating-opensaml-assertion-from-given-xml-in-java
But that one assumes that you know already whether you have a SAML 1 or SAML 2 assertion in the XML, and at this point in my code, I do not know that. And I have to handle either.
What I would like to do is, given the XML string, build an AssertionWrapper, and use that in place of the OpenSAML 1.1 SAMLAssertion. Is there something already in WSS4J / CXF that will do the legwork, or do I need to build a DOM element, figure out what version of SAML was used, build the appropriate Assertion object, and stick it in an AssertionWrapper? It seems like this wouldn't be such a new problem, but I haven't been able to find anything online that is much help.
Thanx,
Stephen W. Chappell
RE: Parsing SAML Assertion from XML
Posted by St...@faa.gov.
That looks perfect. Thanx, Colm!
Stephen W. Chappell
-----Original Message-----
From: Colm O hEigeartaigh [mailto:coheigea@apache.org]
Sent: Tuesday, September 09, 2014 11:35 AM
To: users@cxf.apache.org
Subject: Re: Parsing SAML Assertion from XML
Hi Stephen,
I would convert the XML String to a DOM Element + use the WSS4J AssertionWrapper, e.g.:
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
InputStream in = new ByteArrayInputStream(assertionString.getBytes());
Document newDoc = dbf.newDocumentBuilder().parse(in);
SamlAssertionWrapper newAssertion =
new SamlAssertionWrapper(newDoc.getDocumentElement());
Colm.
On Tue, Sep 9, 2014 at 2:16 PM, <St...@faa.gov> wrote:
> I've inherited some legacy code that I need to update to handle SAML
> 2.0 assertions. Currently it handles SAML 1.1 assertions, which I
> still need it to do. The legacy code uses various flavors of CXF 2.3,
> WSS4J 1.5, and OpenSAML 1, so to do what I need to do I have to
> migrate to (at least) CXF 2.7, WSS4J 1.6 and OpenSAML 2. And of course
> right out of the gate I'm having some issues.
>
> My legacy code parses a string containing a SAML 1.1 assertion using
> code something like this:
>
> SAMLAssertion assertion;
> InputStream in = new ByteArrayInputStream( xmlString.getBytes() );
> Assertion = new SAMLAssertion;
>
> It doesn't appear that you can parse a string quite as simply these days.
> I've found a few pointers online that may help, including this one:
>
>
> http://stackoverflow.com/questions/4667873/creating-opensaml-assertion
> -from-given-xml-in-java
>
> But that one assumes that you know already whether you have a SAML 1
> or SAML 2 assertion in the XML, and at this point in my code, I do not
> know that. And I have to handle either.
>
> What I would like to do is, given the XML string, build an
> AssertionWrapper, and use that in place of the OpenSAML 1.1 SAMLAssertion.
> Is there something already in WSS4J / CXF that will do the legwork, or
> do I need to build a DOM element, figure out what version of SAML was
> used, build the appropriate Assertion object, and stick it in an
> AssertionWrapper? It seems like this wouldn't be such a new problem,
> but I haven't been able to find anything online that is much help.
>
> Thanx,
>
> Stephen W. Chappell
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
Re: Parsing SAML Assertion from XML
Posted by Colm O hEigeartaigh <co...@apache.org>.
Hi Stephen,
I would convert the XML String to a DOM Element + use the WSS4J
AssertionWrapper, e.g.:
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
dbf.setNamespaceAware(true);
InputStream in = new ByteArrayInputStream(assertionString.getBytes());
Document newDoc = dbf.newDocumentBuilder().parse(in);
SamlAssertionWrapper newAssertion =
new SamlAssertionWrapper(newDoc.getDocumentElement());
Colm.
On Tue, Sep 9, 2014 at 2:16 PM, <St...@faa.gov> wrote:
> I've inherited some legacy code that I need to update to handle SAML 2.0
> assertions. Currently it handles SAML 1.1 assertions, which I still need it
> to do. The legacy code uses various flavors of CXF 2.3, WSS4J 1.5, and
> OpenSAML 1, so to do what I need to do I have to migrate to (at least) CXF
> 2.7, WSS4J 1.6 and OpenSAML 2. And of course right out of the gate I'm
> having some issues.
>
> My legacy code parses a string containing a SAML 1.1 assertion using code
> something like this:
>
> SAMLAssertion assertion;
> InputStream in = new ByteArrayInputStream( xmlString.getBytes() );
> Assertion = new SAMLAssertion;
>
> It doesn't appear that you can parse a string quite as simply these days.
> I've found a few pointers online that may help, including this one:
>
>
> http://stackoverflow.com/questions/4667873/creating-opensaml-assertion-from-given-xml-in-java
>
> But that one assumes that you know already whether you have a SAML 1 or
> SAML 2 assertion in the XML, and at this point in my code, I do not know
> that. And I have to handle either.
>
> What I would like to do is, given the XML string, build an
> AssertionWrapper, and use that in place of the OpenSAML 1.1 SAMLAssertion.
> Is there something already in WSS4J / CXF that will do the legwork, or do I
> need to build a DOM element, figure out what version of SAML was used,
> build the appropriate Assertion object, and stick it in an
> AssertionWrapper? It seems like this wouldn't be such a new problem, but I
> haven't been able to find anything online that is much help.
>
> Thanx,
>
> Stephen W. Chappell
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com