You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2012/05/31 15:40:41 UTC
svn commit: r1344722 -
/cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
Author: coheigea
Date: Thu May 31 13:40:40 2012
New Revision: 1344722
URL: http://svn.apache.org/viewvc?rev=1344722&view=rev
Log:
[CXF-4352] - SAML Web SSO processing error when receiving a signed Assertion
Modified:
cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
Modified: cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java?rev=1344722&r1=1344721&r2=1344722&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java (original)
+++ cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/SAMLSSOResponseValidator.java Thu May 31 13:40:40 2012
@@ -22,10 +22,12 @@ import java.util.Date;
import java.util.List;
import java.util.logging.Logger;
+import org.w3c.dom.Element;
+
import org.apache.cxf.common.logging.LogUtils;
import org.apache.ws.security.WSSecurityException;
-import org.apache.ws.security.saml.ext.AssertionWrapper;
import org.apache.ws.security.saml.ext.builder.SAML2Constants;
+import org.apache.ws.security.util.DOM2Writer;
import org.opensaml.saml2.core.AudienceRestriction;
import org.opensaml.saml2.core.AuthnStatement;
@@ -126,8 +128,8 @@ public class SAMLSSOResponseValidator {
validatorResponse.setResponseId(samlResponse.getID());
validatorResponse.setSessionNotOnOrAfter(sessionNotOnOrAfter);
// the assumption for now is that SAMLResponse will contain only a single assertion
- validatorResponse.setAssertion(
- new AssertionWrapper(samlResponse.getAssertions().get(0)).assertionToString());
+ Element assertionElement = samlResponse.getAssertions().get(0).getDOM();
+ validatorResponse.setAssertion(DOM2Writer.nodeToString(assertionElement));
return validatorResponse;
}