Hi
I am a XML-signature newbie and I am trying to figure out how to verify an
XML Signature with default namespace:
<samlp:Response
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" ...>
<saml:Assertion
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" ...>
<saml:Conditions ...>
...
</saml:Conditions>
<saml:AuthenticationStatement ...>...</
saml:AuthenticationStatement>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#";>
...
</Signature>
</saml:Assertion>
.
I have tried to use the example from
src_samples/org/apache/xml/security/samples/signature/ to do this.
Here is a snippet of my code:
Document doc = builder.parse(new InputSource(new StringReader(xmlString)));
Element sigElement = (Element) XPathAPI.selectSingleNode(doc,
"//Signature[1]");
XMLSignature signature = new XMLSignature(sigElement, "http://";);
It fails on the last line, throwing the exception:
org.apache.xml.security.exceptions.XMLSecurityException: Cannot create a
null:null from a http://www.w3.org/2000/09/xmldsig#:Signature element
at
org.apache.xml.security.utils.ElementProxy.guaranteeThatElementInCorrectSpace(ElementProxy.java:272)
at
org.apache.xml.security.utils.ElementProxy.<init>(ElementProxy.java:209)
at
org.apache.xml.security.utils.SignatureElementProxy.<init>(SignatureElementProxy.java:54)
at
org.apache.xml.security.signature.XMLSignature.<init>(XMLSignature.java:255)
Any ideas?
Best regards,
Vidar
