0
SAML2 SSOのSpringセキュリティとの統合を実装しましたが、今度はstring()
からSAMLObject
レスポンスを作成してより堅牢で安全な統合を作成しようとしています。Javaの文字列からSAMLレスポンスを作成できません
- https://github.com/jrowny/java-saml/blob/master/src/com/onelogin/saml/Response.java
- https://github.com/oaeproject/SAMLParser/blob/master/src/main/java/org/sakaiproject/SAMLParser/SAMLParser.java
と私は、このコードを思い付いてきました:私はGithubの上で複数のプロジェクトを追ってきた
public static XMLObject stringToSAMLResponse(String samlResponse) throws Exception {
BasicParserPool parser = new BasicParserPool();
parser.setNamespaceAware(true);
StringReader reader = new StringReader(samlResponse);
Document doc = parser.parse(reader);
Element samlElement = doc.getDocumentElement();
UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(samlElement);
if (unmarshaller == null) {
throw new Exception("Failed to unmarshal");
}
return unmarshaller.unmarshall(samlElement);
}
残念ながら、この方法は、ちょうどdoesnの私は次のスタックトレースを取得しています:
java.lang.Exception: Failed to unmarshal
at com.clarisite.clingine.clinginewebinterface.security.SAMLUtils.stringToSAMLResponse(SAMLUtils.java:27)
at com.clarisite.clingine.clinginewebinterface.security.SAMLUtilsTest.samlResponseStringToResponseTest(SAMLUtilsTest.java:22)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:50)
at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:12)
at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:47)
at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:17)
at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:325)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:78)
at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:57)
at org.junit.runners.ParentRunner$3.run(ParentRunner.java:290)
at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:71)
at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:288)
at org.junit.runners.ParentRunner.access$000(ParentRunner.java:58)
at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:268)
at org.junit.runners.ParentRunner.run(ParentRunner.java:363)
at org.junit.runner.JUnitCore.run(JUnitCore.java:137)
at com.intellij.junit4.JUnit4IdeaTestRunner.startRunnerWithArgs(JUnit4IdeaTestRunner.java:68)
at com.intellij.rt.execution.junit.IdeaTestRunner$Repeater.startRunnerWithArgs(IdeaTestRunner.java:47)
at com.intellij.rt.execution.junit.JUnitStarter.prepareStreamsAndStart(JUnitStarter.java:242)
at com.intellij.rt.execution.junit.JUnitStarter.main(JUnitStarter.java:70
私が解析しようとしている文字列は、このようなものです: https://www.samltool.com/generic_sso_res.php