使用 OpenSAML 3 的 SAML 断言验证

Question

I was trying to validate SAMLResponse assertions using OpenSAML 3. Link: http://shibboleth.net/pipermail/dev/2016-November/008920.html我试图使用 OpenSAML 3 验证 SAMLResponse 断言。链接： http ://shibboleth.net/pipermail/dev/2016-November/008920.html

While i was trying to run the below code, i was getting an exception当我尝试运行以下代码时，出现异常

java.lang.ClassCastException: org.opensaml.ws.soap.soap11.impl.BodyBuilder cannot be cast to org.opensaml.core.xml.XMLObjectBuilder

This was immediately after executing "InitializationService.initialize()".这是在执行“InitializationService.initialize()”之后立即执行的。

   @PostConstruct
   public void init() {

    try {
      InitializationService.initialize();
      DocumentBuilderFactory documentBuilderFactory = 
      DocumentBuilderFactory.newInstance();
      documentBuilderFactory.setNamespaceAware(true);
      docBuilder = documentBuilderFactory.newDocumentBuilder();
      unmarshallerFactory = 
         XMLObjectProviderRegistrySupport.getUnmarshallerFactory();
      } catch (Exception e){
      logger.error("Error: ",e);
      }
   }

Exception Details异常详情

java.lang.ClassCastException: org.opensaml.ws.soap.soap11.impl.BodyBuilder cannot be cast to org.opensaml.core.xml.XMLObjectBuilder
at org.opensaml.core.xml.config.XMLConfigurator.initializeObjectProviders(XMLConfigurator.java:238)
    at org.opensaml.core.xml.config.XMLConfigurator.load(XMLConfigurator.java:203)
    at org.opensaml.core.xml.config.XMLConfigurator.load(XMLConfigurator.java:188)
    at org.opensaml.core.xml.config.XMLConfigurator.load(XMLConfigurator.java:162)
    at org.opensaml.core.xml.config.AbstractXMLObjectProviderInitializer.init(AbstractXMLObjectProviderInitializer.java:52)
    at org.opensaml.core.config.InitializationService.initialize(InitializationService.java:56)

POM聚甲醛

Below are the dependencies considered in the POM以下是 POM 中考虑的依赖项

<dependency>
    <groupId>org.opensaml</groupId>
    <artifactId>xmltooling</artifactId>
    <version>1.4.4</version>
</dependency>

<dependency>
    <groupId>org.opensaml</groupId>
    <artifactId>opensaml-core</artifactId>
    <version>3.1.0</version>
</dependency>

<dependency>
    <groupId>org.opensaml</groupId>
    <artifactId>opensaml-saml-impl</artifactId>
    <version>3.2.0</version>
</dependency>

<dependency>
   <groupId>org.opensaml</groupId>
   <artifactId>opensaml-soap-api</artifactId>
   <version>3.3.0</version>
</dependency>

<dependency>
    <groupId>org.opensaml</groupId>
    <artifactId>opensaml-saml-api</artifactId>
    <version>3.3.0</version>
</dependency>
        
<dependency>
    <groupId>org.apache.santuario</groupId>
    <artifactId>xmlsec</artifactId>
    <version>2.0.7</version>
</dependency>
        
 <dependency>
    <groupId>org.apache.ant</groupId>
    <artifactId>ant</artifactId>
    <version>1.8.2</version>
</dependency>

Appreciate any pointers on this.感谢任何关于此的指针。 Thanks谢谢

Answer 1

You'll want to remove the xmltooling dependency from your POM.您需要从 POM 中删除 xmltooling 依赖项。 It is effectively an OpenSAML 2.0 library, and it causes conflicts like the one you're receiving.它实际上是一个 OpenSAML 2.0 库，它会导致像您收到的那样的冲突。

For more background detail, see an OpenSAML issue that was filed on this, and a Pac4J issue (which is a Java library that uses OpenSAML).欲了解更多背景细节，看到一个OpenSAML问题对已经在本申请和Pac4J问题（这是使用OpenSAML一个Java库）。

使用 OpenSAML 3 的 SAML 断言验证

问题描述

Exception Details异常详情

POM聚甲醛

1 个解决方案

解决方案1
0 2018-12-08 17:02:54

使用 OpenSAML 3 的 SAML 断言验证

问题描述

Exception Details异常详情

POM聚甲醛

1 个解决方案

解决方案1 0 2018-12-08 17:02:54

解决方案1
0 2018-12-08 17:02:54