It's a bug in WSS4J that I've just fixed. You can work around it for now by calling:
Element element = assertionWrapper.getElement(); String assertionStr = DOM2Writer.node2String(element); Colm. On Thu, Mar 8, 2012 at 1:50 PM, Mark Diskin <[email protected]> wrote: > Thanks - was able to get this to work. It might be a helpful utility class to > have something that walks the result with a callback so all of this > casting/looping is not coded over and over again. > > > Also In debugging I added this and got a NPE (see below) since the privatekey > onject is null. Is a private key needed? I had use taken the public key from > our ESB to be able to validate the request. Maybe I’m miss understanding the > to.String method intent. > > log.debug("receivedAssertion ="+receivedAssertion.assertionToString()); > > > 08:13:01.265 [tomcat-http--5] DEBUG org.opensaml.xml.signature.Signer - > Computing signature over XMLSignature object > java.lang.NullPointerException > at > org.apache.xml.security.algorithms.implementations.SignatureBaseRSA.engineInitSign(SignatureBaseRSA.java:157) > at > org.apache.xml.security.algorithms.SignatureAlgorithm.initSign(SignatureAlgorithm.java:238) > at > org.apache.xml.security.signature.XMLSignature.sign(XMLSignature.java:591) > at org.opensaml.xml.signature.Signer.signObject(Signer.java:76) > at > org.apache.ws.security.saml.ext.OpenSAMLUtil.toDom(OpenSAMLUtil.java:132) > at > org.apache.ws.security.saml.ext.AssertionWrapper.toDOM(AssertionWrapper.java:287) > at > org.apache.ws.security.saml.ext.AssertionWrapper.assertionToString(AssertionWrapper.java:297) > > > Mark > > On Mar 8, 2012, at 4:43 AM, Colm O hEigeartaigh <[email protected]> wrote: > >> You could either write a custom validator or get the Assertion from >> the result objects, e.g.: >> >> http://svn.apache.org/viewvc/webservices/wss4j/trunk/src/test/java/org/apache/ws/security/saml/SamlTokenTest.java?view=markup >> >> List<WSSecurityEngineResult> results = verify(unsignedDoc); >> WSSecurityEngineResult actionResult = >> WSSecurityUtil.fetchActionResult(results, >> WSConstants.ST_UNSIGNED); >> AssertionWrapper receivedAssertion = >> (AssertionWrapper) >> actionResult.get(WSSecurityEngineResult.TAG_SAML_ASSERTION); >> >> Colm. >> >> On Thu, Mar 8, 2012 at 4:01 AM, Mark Diskin <[email protected]> wrote: >>> >>>> I'm able to send both and see from the debugging the validation of the >>>> message. I'm not too sure where I can get the contents of the attribute >>>> values. Do I have to pick them out in a custom validator or is in the >>>> result objects. I see examples for building a client but not ones for the >>>> server. >>>> >>>> I'm on the 1.6.5 version and this is the last piece so I can add saml2 >>>> support on the spring-ws code by implementing my own security filter >>>> behind our service bus. >>>> >>>> Thanks >>>> >>>> Mark >> >> >> >> -- >> Colm O hEigeartaigh >> >> Talend Community Coder >> http://coders.talend.com -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
