You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by pymz <py...@gmail.com> on 2011/10/26 14:39:47 UTC
How to validate SAML2.0 with axis2
Hi,
In my project i have to validate a saml2.0 assertion included in the soap
header. This assertion comes from a client, so I just some example of the
structure.
After lot time passed on google/forums etc, I don't really find a good
doc/exemple to validate an assertion. I just find some information to
generate a SAML but nothing to validate it.
I have created an axis2 module "SAMLValidator" with and handler
SAMLValidatorHandler :
public class ValidatorHandler extends AbstractHandler {
public InvocationResponse invoke(MessageContext msgContext) throws
AxisFault {
SOAPEnvelope soapEnv = msgContext.getEnvelope();
SOAPHeader soapHead = soapEnv.getHeader();
try {
//initialize the opensaml library
DefaultBootstrap.bootstrap();
Schema schema = SAMLSchemaBuilder.getSAML11Schema();
//get parser pool manager
BasicParserPool parserPoolManager = new BasicParserPool();
parserPoolManager.setNamespaceAware(true);
parserPoolManager.setIgnoreElementContentWhitespace(true);
parserPoolManager.setSchema(schema);
Validator validator = schema.newValidator();
//pasing
Reader input = new StringReader(soapHead.toString());
Document doc = parserPoolManager.parse(input);
Source srcc = new DOMSource(doc);
//Result res = new StreamResult();
//validation
validator.validate(srcc);
printDOMInfos(doc);
} catch (SAXException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (ConfigurationException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (XMLParserException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}
But I not really sure if this can validate the SAML...
There is an other commons way to validate the assertion? With Ws-Trust ?
WS-Policy? I'm a little bit confused about all kind of WS-*... If anyone can
help me... It would be great
Thanks in advance.
ps: sorry for my frenchy's english ^^
--
View this message in context: http://old.nabble.com/How-to-validate-SAML2.0-with-axis2-tp32724025p32724025.html
Sent from the Axis - User mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org