Creating OpenSAML Assertion from given XML in Java

9
votes

I have been beating my head against this for a while, and am starting to make progress. However, I ran into some trouble converting a string representation of a SAML 2 Assertion (in XML) to an Assertion object.

It looks like I am getting a valid org.w3c.dom.Document with appropriate data, and I seem to be getting a valid SAMLObjectBuilder<Assertion> from the builder factory, but when I try to put them together all I get is a blank Assertion; subject, issuer, issue time and so on are all null, despite them clearly being set in the XML.

Does anyone see what I am doing wrong, and can suggest a solution?

Document doc = loadXMLFromString(saml);

XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();

SAMLObjectBuilder<Assertion> assertionBuilder =
  (SAMLObjectBuilder<Assertion>)
  builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);

Assertion assertion = assertionBuilder.buildObject(doc.getDocumentElement());

String nameID = assertion.getSubject().getNameID().getValue();

At the nameID assignment, assertion.getSubject() returns null, failing the remainder of the expression.

The example I am using is the full XML from sstc-saml-tech-overview-2.0-draft-03, page 10.

The function loadXMLFromString() above is mostly borrowed from In Java, how do I parse XML as a String instead of a file?

1
javaxmlsamlopensaml
We don't edit the question name with [SOLVED] here. If you've got your answer, please mark it with the green tick to the left of it - your question will only then be marked as "solved".moinudin
@marcog I tried that at first, but couldn't mark my own answer as accepted before the end of the 48 hour grace period, and with all the searching I did for a solution, thought it was relevant enough to leave the question around rather than delete it.user
It's great that you've posted a self-answer. Too many people just walk away. +1 to both question and answer for doing so!moinudin

1 Answers

9
votes

In case someone else is facing the same problem, and runs across this, here is the answer.

https://wiki.shibboleth.net/confluence/display/OpenSAML/OSTwoUsrManJavaCreateFromXML

Just take the unmarshalling example:

String inCommonMDFile = "/data/org/opensaml/saml2/metadata/InCommon-metadata.xml";

// Initialize the library
DefaultBootstrap.bootstrap(); 

// Get parser pool manager
BasicParserPool ppMgr = new BasicParserPool();
ppMgr.setNamespaceAware(true);

// Parse metadata file
InputStream in = MetadataTest.class.getResourceAsStream(inCommonMDFile);
Document inCommonMDDoc = ppMgr.parse(in);
Element metadataRoot = inCommonMDDoc.getDocumentElement();

// Get apropriate unmarshaller
UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(metadataRoot);

// Unmarshall using the document root element, an EntitiesDescriptor in this case
EntitiesDescriptor inCommonMD = (EntitiesDescriptor) unmarshaller.unmarshall(metadataRoot);

Then substitute your Document instance for inCommonMDDoc and look at the result of the final unmarshall() call. Note that unmarshall() returns an Object which you need to cast to the appropriate type. Hint: you can use use typeof if you aren't sure what type it is, but watch out for inheritance.