0

I've implemented a SAML2 SSO integration with Spring security, and now I'm trying to create a SAMLObject Response from a string() for testing and creating a more robust and safe integration. I've been following multiple projects on Github:

  1. https://github.com/jrowny/java-saml/blob/master/src/com/onelogin/saml/Response.java
  2. https://github.com/oaeproject/SAMLParser/blob/master/src/main/java/org/sakaiproject/SAMLParser/SAMLParser.java

and I've came up with this code:

public static XMLObject stringToSAMLResponse(String samlResponse) throws Exception {
    BasicParserPool parser = new BasicParserPool();
    parser.setNamespaceAware(true);

    StringReader reader = new StringReader(samlResponse);

    Document doc = parser.parse(reader);
    Element samlElement = doc.getDocumentElement();

    UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
    Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(samlElement);
    if (unmarshaller == null) {
        throw new Exception("Failed to unmarshal");
    }
    return unmarshaller.unmarshall(samlElement);
}

Unfortunately, this method just doesn't work, I'm getting the following stack trace:

java.lang.Exception: Failed to unmarshal
    at com.clarisite.clingine.clinginewebinterface.security.SAMLUtils.stringToSAMLResponse(SAMLUtils.java:27)
    at com.clarisite.clingine.clinginewebinterface.security.SAMLUtilsTest.samlResponseStringToResponseTest(SAMLUtilsTest.java:22)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
    at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
    at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
    at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
    at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
    at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
    at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
    at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
    at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
    at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
    at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
    at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
    at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
    at org.junit.runner.JUnitCore.run(JUnitCore.java:137)
    at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:68)
    at com.intellij.rt.execution.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:47)
    at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:242)
    at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:70

The String I'm trying to parse is something like this: https://www.samltool.com/generic_sso_res.php

chenrui
  • 8,910
  • 3
  • 33
  • 43
Omri Shneor
  • 965
  • 3
  • 18
  • 34

1 Answers1

0

The answer to this question was in this post: Opensaml error receiving correct unmarshaller I had to first Initialize the library, and then I could run properly that snippet of code. My problem was occurred using openSAML-2.6. Hope this helps anyone.

Omri Shneor
  • 965
  • 3
  • 18
  • 34