[prev in list] [next in list] [prev in thread] [next in thread]
List: shibboleth-dev
Subject: ECP Profile implementation...missing SOAP header
From: Mitu Singh <mitusingh27 () yahoo ! com>
Date: 2012-12-12 1:08:21
Message-ID: 1355274501.47525.YahooMailNeo () web122006 ! mail ! ne1 ! yahoo ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
All,
I have a question about the ECP Profile implementation. I
can send a saml response to the ECP Client. This is how my response looks like:
<?xml version="1.0"
encoding="UTF-8"?>
<soap11:Envelope xmlns:soap11="http://schemas.xmlsoap.org/soap/envelope/">
<soap11:Body>
<saml2p:Response……
<saml2:Assertion……
</saml2:Assertion>
</saml2p:Response>
</soap11:Body>
</soap11:Envelope>
The response is missing the soap header element and the
ecp:Response element. The response should look like :
<SOAP-ENV:Envelope
xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header>
<ecp:Response SOAP-ENV:mustUnderstand="1"
SOAP-ENV:actor="http://schemas.xmlsoap.org/soap/actor/next"
AssertionConsumerServiceURL="https://ServiceProvider.example.com/ecp_assertion_consumer"/>
</SOAP-ENV:Header>
<SOAP-ENV:Body>
<samlp:Response> ... </samlp:Response>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
I have tried a number of ways to include the header, but it
is not being set. This is how I have done it:
HttpServletResponseAdapter
outTransport = new HttpServletResponseAdapter(httpResponse, false);
BasicSAMLMessageContextmessageContext = new BasicSAMLMessageContext(); \
messageContext.setOutboundMessageTransport(outTransport);
SOAPObjectBuilder<Envelope> envelopeBuilder =
(SOAPObjectBuilder<Envelope>) \
builderFactory.getBuilder(Envelope.DEFAULT_ELEMENT_NAME);
Envelope envelope =
envelopeBuilder.buildObject();
messageContext.setOutboundMessage(envelope);
messageContext.setOutboundSAMLMessage(authResponse); \
SAMLObjectBuilder<org.opensaml.saml2.ecp.Response> ecpResponseBuilder =
(SAMLObjectBuilder<org.opensaml.saml2.ecp.Response>)
builderFactory.getBuilder(org.opensaml.saml2.ecp.Response.DEFAULT_ELEMENT_NAME);
org.opensaml.saml2.ecp.Response ecpResponse = ecpResponseBuilder.buildObject();
ecpResponse.setSOAP11MustUnderstand(true);
ecpResponse.setSOAP11Actor(org.opensaml.saml2.ecp.Response.SOAP11_ACTOR_NEXT);
ecpResponse.setAssertionConsumerServiceURL("https://localhost:8443/sp_URL"); \
SOAPHelper.addHeaderBlock(messageContext, ecpResponse);
And
another way:
SOAPObjectBuilder<Envelope>
envelopeBuilder = (SOAPObjectBuilder<Envelope>)
builderFactory.getBuilder(Envelope.DEFAULT_ELEMENT_NAME);
Envelope envelope =
envelopeBuilder.buildObject(); \
SOAPObjectBuilder<Header>
headerBuilder = (SOAPObjectBuilder<Header>)
builderFactory.getBuilder(Header.DEFAULT_ELEMENT_NAME);
Header header = headerBuilder.buildObject();
SAMLObjectBuilder<org.opensaml.saml2.ecp.Response>
ecpResponseBuilder = (SAMLObjectBuilder<org.opensaml.saml2.ecp.Response>)
builderFactory.getBuilder(org.opensaml.saml2.ecp.Response.DEFAULT_ELEMENT_NAME);
org.opensaml.saml2.ecp.Response ecpResponse = ecpResponseBuilder.buildObject();
ecpResponse.setSOAP11MustUnderstand(true);
ecpResponse.setSOAP11Actor(org.opensaml.saml2.ecp.Response.SOAP11_ACTOR_NEXT);
ecpResponse.setAssertionConsumerServiceURL("https://localhost:8443/sp"); \
header.getUnknownXMLObjects().add(ecpResponse);
envelope.setHeader(header);
messageContext.setOutboundMessage(envelope);
messageContext.setOutboundSAMLMessage(authResponse);
This is how the message is encoded:
SAMLMessageEncoder encoder = new HTTPSOAP11Encoder();encoder.encode(messageContext);
Does anyone have pointers for adding the soap headers?
Is the above code the correct way to setup and send the response?
[Attachment #5 (text/html)]
<html><body><div style="color:#000; background-color:#fff; font-family:tahoma, new \
york, times, serif;font-size:10pt">All,<br> <div style="font-family: tahoma, new \
york, times, serif; font-size: 10pt;"><div style="font-family: times new roman, new \
york, times, serif; font-size: 12pt;"><div id="yiv382733"><div><div \
style="color:#000;background-color:#fff;font-family:tahoma, new york, times, \
serif;font-size:10pt;">
<div class="yiv382733MsoNormal">I have a question about the <span \
class="yiv382733yshortcuts yiv382733cs4-visible" \
id="yiv382733lw_1355273664_0">ECP</span> Profile implementation. I can send a saml \
response to the ECP Client. This is how my response looks like:</div>
<div class="yiv382733MsoNormal"><?xml version="1.0"
encoding="UTF-8"?></div>
<div class="yiv382733MsoNormal"><soap11:Envelope xmlns:soap11="<a rel="nofollow" \
target="_blank" href="http://schemas.xmlsoap.org/soap/envelope/"><span \
class="yiv382733" id="yiv382733lw_1355273664_1">http://schemas.xmlsoap.org/soap/envelope/</span></a>"></div>
<div class="yiv382733MsoNormal"> <soap11:Body></div>
<div class="yiv382733MsoNormal"> \
<saml2p:Response……</div>
<div class="yiv382733MsoNormal">
<saml2:Assertion……</div>
<div class="yiv382733MsoNormal">
</saml2:Assertion></div>
<div class="yiv382733MsoNormal"> \
</saml2p:Response></div>
<div class="yiv382733MsoNormal"> </soap11:Body></div>
<div class="yiv382733MsoNormal"></soap11:Envelope></div>
<div class="yiv382733MsoNormal"> </div>
<div class="yiv382733MsoNormal">The response is missing the soap header element and \
the ecp:Response element. The response should look like :</div>
<div class="yiv382733MsoNormal"><SOAP-ENV:Envelope</div>
<div class="yiv382733MsoNormal">xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"</div>
<div class="yiv382733MsoNormal">xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"</div>
<div class="yiv382733MsoNormal">xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"></div>
<div class="yiv382733MsoNormal"><SOAP-ENV:Header></div>
<div class="yiv382733MsoNormal">
<ecp:Response SOAP-ENV:mustUnderstand="1" </div>
<div class="yiv382733MsoNormal">
SOAP-ENV:actor="<a rel="nofollow" \
target="_blank" href="http://schemas.xmlsoap.org/soap/actor/next"><span \
class="yiv382733" id="yiv382733lw_1355273664_2">http://schemas.xmlsoap.org/soap/actor/next</span></a>"</div>
<div class="yiv382733MsoNormal">
AssertionConsumerServiceURL="<a rel="nofollow" target="_blank" \
href="https://serviceprovider.example.com/ecp_assertion_consumer">https://ServiceProvider.example.com/ecp_assertion_consumer</a>"/></div>
<div class="yiv382733MsoNormal"></SOAP-ENV:Header></div>
<div class="yiv382733MsoNormal"><SOAP-ENV:Body></div>
<div class="yiv382733MsoNormal"><samlp:Response> ... \
</samlp:Response></div>
<div class="yiv382733MsoNormal"></SOAP-ENV:Body></div>
<div class="yiv382733MsoNormal"></SOAP-ENV:Envelope></div>
<div class="yiv382733MsoNormal"> </div>
<div class="yiv382733MsoNormal">I have tried a number of ways to include the header, \
but it is not being set. This is how I have done it:<span \
class="yiv382733tab"> </span><span \
class="yiv382733tab"> </span><span \
class="yiv382733tab"> </span><span \
class="yiv382733tab"> </span>
<div class="yiv382733MsoNormal"><span class="yiv382733tab"> \
</span><span class="yiv382733tab"> </span><span \
class="yiv382733tab"> </span><span \
class="yiv382733tab"> </span><span \
class="yiv382733tab"> </span><span \
style="color:#4F81BD;">HttpServletResponseAdapter outTransport = new \
HttpServletResponseAdapter(httpResponse, false);</span> \
<br></div></div>
<div class="yiv382733MsoNormal" style="margin-left:.5in;text-indent:.5in;"><u><span \
style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;">BasicSAMLMessageContext</span></u><span \
style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;"> messageContext = \
<b>new</b> <u>BasicSAMLMessageContext</u>();</span><span \
style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;">
</span>
</div><div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;">
messageContext.setOutboundMessageTransport(outTransport);</span><span \
style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;">
</span>
</div><div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;">
SOAPObjectBuilder<Envelope> envelopeBuilder =
(SOAPObjectBuilder<Envelope>) \
builderFactory.getBuilder(Envelope.DEFAULT_ELEMENT_NAME);</span></div>
<div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;">
Envelope envelope =
envelopeBuilder.buildObject(); \
</span></div><span style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;"> </span>
<div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;"> & \
nbsp; messageContext.setOutboundMessage(envelope);
</span></div>
<div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;"> & \
nbsp; messageContext.setOutboundSAMLMessage(authResponse);</span><span \
style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;">
</span>
</div><div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;">
SAMLObjectBuilder<org.opensaml.saml2.ecp.Response> ecpResponseBuilder =
(SAMLObjectBuilder<org.opensaml.saml2.ecp.Response>)
builderFactory.getBuilder(org.opensaml.saml2.ecp.Response.DEFAULT_ELEMENT_NAME);</span></div>
<div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;">
org.opensaml.saml2.ecp.Response ecpResponse = \
ecpResponseBuilder.buildObject();</span></div><div class="yiv382733MsoNormal" \
style=""><span style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;">
ecpResponse.setSOAP11MustUnderstand(true);</span></div>
<div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;">
ecpResponse.setSOAP11Actor(org.opensaml.saml2.ecp.Response.SOAP11_ACTOR_NEXT);</span></div>
<div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;">
ecpResponse.setAssertionConsumerServiceURL("<a rel="nofollow" target="_blank" \
href="https://localhost:8443/spring-security-saml2-sample">https://localhost:8443/sp_U \
RL</a>");   \
;
</span></div>
<div class="yiv382733MsoNormal"><span \
style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;">
SOAPHelper.addHeaderBlock(messageContext, ecpResponse);</span></div>
<div class="yiv382733MsoNormal"><span \
style="font-size:10.0pt;font-family:Consolas;color:#4F81BD;"> </span></div>
<div class="yiv382733MsoNormal"><span \
style="font-size:10.0pt;font-family:Consolas;">And another way:</span></div>
<div class="yiv382733MsoNormal" style="text-indent:.5in;"><span \
style="font-size:10.0pt;font-family:Consolas;color:#953735;">SOAPObjectBuilder<Envelope>
envelopeBuilder = <u>(SOAPObjectBuilder<Envelope>)
builderFactory.getBuilder(Envelope.<i>DEFAULT_ELEMENT_NAME</i>)</u>;</span></div>
<div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#953735;">
Envelope envelope =
envelopeBuilder.buildObject(); &n \
bsp;
</span></div><span style="font-size:10.0pt;font-family:Consolas;color:#953735;">  \
; \
</span>
<div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#953735;"> SOAPObjectBuilder<Header>
headerBuilder = <u>(SOAPObjectBuilder<Header>)
builderFactory.getBuilder(Header.<i>DEFAULT_ELEMENT_NAME</i>)</u>;</span></div>
<div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#953735;">
Header header = headerBuilder.buildObject(); </span></div><span \
style="font-size:10.0pt;font-family:Consolas;color:#953735;"> </span>
<div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#953735;"> SAMLObjectBuilder<org.opensaml.saml2.ecp.Response>
ecpResponseBuilder = <u>(SAMLObjectBuilder<org.opensaml.saml2.ecp.Response>)
builderFactory.getBuilder(org.opensaml.saml2.ecp.Response.<i>DEFAULT_ELEMENT_NAME</i>)</u>;</span></div>
<div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#953735;">
org.opensaml.saml2.ecp.Response ecpResponse = \
ecpResponseBuilder.buildObject();</span></div>
<div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#953735;">
ecpResponse.setSOAP11MustUnderstand(<b>true</b>);</span></div>
<div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#953735;">
ecpResponse.setSOAP11Actor(org.opensaml.saml2.ecp.Response.<i>SOAP11_ACTOR_NEXT</i>);</span></div>
<div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#953735;">
ecpResponse.setAssertionConsumerServiceURL("<a rel="nofollow" target="_blank" \
href="https://localhost:8443/spring-security-saml2-sample">https://localhost:8443/sp</a>");</span><span \
style="font-size:10.0pt;font-family:Consolas;color:#953735;">
</span>
</div><div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#953735;">
header.getUnknownXMLObjects().add(ecpResponse);</span></div>
<div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#953735;">
envelope.setHeader(header);</span><span \
style="font-size:10.0pt;font-family:Consolas;color:#953735;"> \
</span>
</div><div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#953735;"> <span \
style="background:yellow;">messageContext</span>.setOutboundMessage(envelope);</span></div>
<div class="yiv382733MsoNormal"><span \
style="font-size:10.0pt;font-family:Consolas;color:#953735;"> \
<u><span style="background:yellow;">messageContext</span>.setOutboundSAMLMessage(authResponse)</u>;
</span></div>
<div class="yiv382733MsoNormal"><span style="color:#4F81BD;"> <br></span>This is \
how the message is encoded:<br>
<div class="yiv382733MsoNormal" style=""><span \
style="font-size:10.0pt;font-family:Consolas;color:#E46C0A;
">SAMLMessageEncoder encoder = <b>new</b> HTTPSOAP11Encoder();</span></div>
<span style="font-size:10.0pt;font-family:Consolas;
color:#E46C0A;
">encoder.encode(messageContext);<span style=""> </span></span><br></div>
<div class="yiv382733MsoNormal"> </div>
Does anyone have pointers for adding the soap headers?<br><span \
style="font-size:10.0pt;font-family:Consolas; color:#E46C0A;
"><span style=""><span style="color:rgb(0, 0, 0);">Is the above code the correct way \
to setup and send the \
response?<span></span></span><br></span></span></div></div></div><br> </div> </div> \
</div></body></html>
--
To unsubscribe from this list send an email to dev-unsubscribe@shibboleth.net
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic