Yeah, unfortunately, command line tool is not very friendly to
namespaces in xpath. I think the only option to get what you want
is to use local-name() in the XPath expression.
Aleksey
Cook, Sean D (Genworth) wrote:
Greetings!
I am trying to encrypt an element of a saml artifact (the assertion)… I
have tried using the following xpath:
--node-xpath /samlp:Response/saml:Assertion
This works in perls XML::XPath to identify the appropriate node, but I
get an undefined namespace prefix when trying to encrypt. I have pared
down the xml to make sure there was nothing interfering and still no luck:
/apps/xmlsec/bin/xmlsec1 encrypt --privkey-pem keys/private.key
--pubkey-pem keys/pub.key --session-key des-192 --xml-data
saml-artifact.xml --output doc-encrypted-xpath.xml --node-xpath
/samlp:Response/saml:Assertion session-key-template.xml
XPath error : Undefined namespace prefix
xmlXPathEval: evaluation failed
Error: failed to evaluate xpath expression
Error: failed to load file "saml-artifact.xml"
Error: failed to encrypt file with template "session-key-template.xml"
# content of saml-artifact.xml
<?xml version="1.0" encoding="UTF-8"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
ID="djlmjbkjflgnbankboaepihbcckcgcpkmlgfmbpc" Version="2.0"
IssueInstant="2009-05-22T18:23:51Z"
Destination="https://somedestination/post";>
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
Version="2.0" xml:id="ngaognjiljmkbelegfgnighebokoakanaalhnepj"
ID="ngaognjiljmkbelegfgnighebokoakanaalhnepj"
IssueInstant="2009-05-22T18:23:51Z">
</saml:Assertion>
</samlp:Response>
Can you point me in the right direction?
------------------------------------------------------------------------
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
