Hello, I am new to cryptography. I have added an assertion to the security
header, and want to be able to encrypt the assertion with AES 256 and
digitally sign the entire xml message. I am not sure what is the next step
to take. I tried using:

    WSSecEncrypt builder = new WSSecEncrypt();
    builder.setUserInfo("wss4jcert");
    builder.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
    builder.setSymmetricEncAlgorithm(WSConstants.AES_256);
    Vector parts = new Vector();
    WSEncryptionPart encP =
        new WSEncryptionPart("Assertion", XML.SAML_NS, "Element");
    parts.add(encP);
    builder.setParts(parts);

But this still leaves the Assertion in clear text. Any guidance greatly
appreciated. Thanks.

This is the XML:

    <soapenv:Envelope
        xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
        xmlns:xsd="http://www.w3.org/2001/XMLSchema"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <soapenv:Header>
        <wsse:Security soapenv:mustUnderstand="1"
            xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
          <Assertion
              AssertionID="faaed2eb3385208e5b9813eb5fc25518"
              IssueInstant="2007-03-05T04:19:46.326Z"
              Issuer="A R"
              MajorVersion="1" MinorVersion="1"
              xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
              xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
              xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol">
            <Conditions NotBefore="2007-03-05T04:19:46.326Z"
                NotOnOrAfter="2007-03-05T04:19:46.326Z"/>
            <AttributeStatement>
              <Subject>
                <NameIdentifier>Book Price quote</NameIdentifier>
              </Subject>
              <Attribute AttributeName="ISBN"
                  AttributeNamespace="urn:oasis:names:tc:SAML:1.0:assertion"
                  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
                <AttributeValue>01234567890</AttributeValue>
              </Attribute>
            </AttributeStatement>
          </Assertion>
        </wsse:Security>
      </soapenv:Header>
      <soapenv:Body />
    </soapenv:Envelope>

This is the code:

    SOAPEnvelope unsignedEnvelope = message.getSOAPEnvelope();
    Document doc = unsignedEnvelope.getAsDocument();
    WSSecHeader secHeader = new WSSecHeader();
    secHeader.insertSecurityHeader(doc);
    WSSecSAMLToken samlToken = new WSSecSAMLToken();
    SAMLAssertion assertion = new SAMLAssertion();
    assertion.setNotBefore(new Date());
    assertion.setNotOnOrAfter(new Date());
    assertion.setIssueInstant(new Date());
    assertion.setIssuer("A R");
    SAMLAttributeStatement attribStatement = new SAMLAttributeStatement();
    SAMLAttribute attrib = new SAMLAttribute();
    attrib.addValue("1234567890");
    attrib.setName("ISBN");
    attrib.setNamespace(XML.SAML_NS);
    attribStatement.addAttribute(attrib);
    SAMLSubject subject = new SAMLSubject();
    SAMLNameIdentifier nameId = new SAMLNameIdentifier();
    nameId.setName("Book Price quote");
    subject.setName(nameId);
    attribStatement.setSubject(subject);
    assertion.addStatement(attribStatement);
    samlToken.build(doc, assertion, secHeader);

--
View this message in context:
http://www.nabble.com/Encrypt-Assertion-tf3345610.html#a9304562
Sent from the WSS4J mailing list archive at Nabble.com.
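
Added example, not part of the original post and not WSS4J project code: in the WSS4J 1.5 builder API the WSSecEncrypt setters only configure the builder, and the document is changed when build(...) is called on a document that already contains the part to encrypt. The sketch below runs the encryption after the SAML token has been added, fails closed if the Assertion is still readable, then signs. Assumptions: the class name, method name, the signingAlias/signingKeyPassword parameters and a Crypto instance holding both the "wss4jcert" certificate and the signing key are hypothetical.

```java
import java.util.Vector;

import org.apache.ws.security.WSConstants;
import org.apache.ws.security.WSEncryptionPart;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.message.WSSecEncrypt;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.WSSecSignature;
import org.opensaml.XML;
import org.w3c.dom.Document;

/** Hypothetical helper: encrypt the SAML Assertion, verify it, then sign. */
public final class AssertionProtector {

    private static final String XENC_NS = "http://www.w3.org/2001/04/xmlenc#";

    /**
     * Call this after samlToken.build(doc, assertion, secHeader), so that the
     * Assertion element is already present in the wsse:Security header.
     * The crypto argument is assumed to hold the recipient certificate
     * ("wss4jcert") and the private key stored under signingAlias.
     */
    public static Document encryptThenSign(Document doc, WSSecHeader secHeader,
            Crypto crypto, String signingAlias, String signingKeyPassword)
            throws WSSecurityException {
        WSSecEncrypt enc = new WSSecEncrypt();
        enc.setUserInfo("wss4jcert");                    // recipient certificate alias
        enc.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
        enc.setSymmetricEncAlgorithm(WSConstants.AES_256);
        Vector parts = new Vector();
        parts.add(new WSEncryptionPart("Assertion", XML.SAML_NS, "Element"));
        enc.setParts(parts);
        // Nothing is encrypted until build() runs against the document.
        Document encrypted = enc.build(doc, crypto, secHeader);

        // Fail closed: never hand back a message whose Assertion is readable.
        boolean clearText =
            encrypted.getElementsByTagNameNS(XML.SAML_NS, "Assertion").getLength() != 0;
        boolean hasCipherData =
            encrypted.getElementsByTagNameNS(XENC_NS, "EncryptedData").getLength() != 0;
        if (clearText || !hasCipherData) {
            throw new IllegalStateException("Assertion was not encrypted");
        }

        WSSecSignature sig = new WSSecSignature();
        sig.setUserInfo(signingAlias, signingKeyPassword);
        sig.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
        // With no setParts() call, WSSecSignature signs the SOAP Body only.
        return sig.build(encrypted, crypto, secHeader);
    }
}
```

To cover more than the Body, pass further WSEncryptionPart entries to sig.setParts(...). On older JREs, AES-256 also requires the unlimited-strength JCE policy files to be installed.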