如何解密从Shibboleth IdP收到的SAMLResponse
[英]how to decrypt SAMLResponse received from Shibboleth IdP
问题描述
I am a college student trying to implement a service provider plugin for WebSSO in java. 
我是一名试图在Java中为WebSSO实现服务提供商插件的大学生。 I am using Shibboleth IdP as identity provider. 我正在使用Shibboleth IdP作为身份提供者。 I have been able to send the authentication request to IdP and is successfully receiving the response from IdP through a servlet. 我已经能够将身份验证请求发送到IdP,并且已成功通过servlet接收了来自IdP的响应。 I tried decoding the response and was able to get the XMLObject. 我尝试解码响应并能够获取XMLObject。 Now the issue is that the response is encrypted. 现在的问题是响应已加密。 So when I am using 所以当我使用
Assertion assertion = response.getAssertions().get(0);
It basically returns null. 它基本上返回null。 But when I am using 但是当我使用
Assertion assertion = response.getEncryptedAssertions().get(0);
It is not null. 不为空。 So it basically means that the response is encrypted. 因此,它基本上意味着响应是加密的。 Now I don't know the flow of how to decrypt the SAMLReponse. 现在,我不知道如何解密SAMLReponse的流程。 Any pointer, code or suggestion is welcome. 欢迎任何指针,代码或建议。
1 个解决方案
解决方案1
1 已采纳 2014-02-19 09:00:35
You can use something like this(replace yourCredential with your Credential object): 您可以使用这样的事情(更换yourCredential与Credential的对象):
StaticKeyInfoCredentialResolver keyresolver =
new StaticKeyInfoCredentialResolver(yourCredential);
Decrypter samlDecrypter = new Decrypter(null, keyresolver, new InlineEncryptedKeyResolver());
Assertion assertion = samlDecrypter.decrypt(response.getEncryptedAssertions().get(0));
If your scenario is more complicated, a more detailed example can be found here on shibboleth's wiki: Link 如果您的情况更复杂,可以在shibboleth的Wiki上找到更详细的示例: 链接
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.