[英]Saml Assertion Decryption using java code
错误:
Exception in thread "main" org.opensaml.xml.io.UnmarshallingException: the assertion does not appear to be encrypted
at AssertionDecrypter.unmarshallEncryptedAssertion(AssertionDecrypter.java:162)
at AssertionDecrypter.decryptAssertion(AssertionDecrypter.java:119)
at AssertionDecrypter.<init>(AssertionDecrypter.java:67)
at Saml2AssertionEncoding.main(Saml2AssertionEncoding.java:112)
Caused by: java.lang.ClassCastException: org.opensaml.saml1.core.impl.ResponseImpl cannot be cast to org.opensaml.saml2.core.EncryptedAssertion
at AssertionDecrypter.unmarshallEncryptedAssertion(AssertionDecrypter.java:157)
... 3 more
我的Java代码
我的宝
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml-core</artifactId>
<version>3.1.1</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.santuario</groupId>
<artifactId>xmlsec</artifactId>
<version>2.0.8</version>
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml</artifactId>
<version>2.6.4</version>
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml-saml-impl</artifactId>
<version>3.3.0</version>
<scope>test</scope>
</dependency>
<dependency>
<!-- <groupId>org.opensaml</groupId> <artifactId>xmltooling</artifactId>
<version>1.3.1</version>
<groupId>org.opensaml</groupId>
<artifactId>xmltooling</artifactId>
<version>1.4.4</version> -->
<groupId>org.opensaml</groupId>
<artifactId>xmltooling</artifactId>
<version>1.3.1</version>
</dependency>
<dependency>
<groupId>com.jcabi</groupId>
<artifactId>jcabi-aspects</artifactId>
<version>0.22</version>
</dependency>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjrt</artifactId>
<version>1.8.3</version>
</dependency>
<dependency>
<groupId>com.jcabi</groupId>
<artifactId>jcabi-xml</artifactId>
<version>0.16.2</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-nop</artifactId>
<version>1.7.5</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>openws</artifactId>
<version>1.4.1</version>
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml</artifactId>
<version>2.2.1</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>4.1.0.RELEASE</version>
</dependency>
</dependencies>
看来您需要调试加密的XML元素。 您可以检查document.getDocumentElements()
的内容是否是正确的XML吗?
我猜它为空或为空。 从上述函数成功获取原始XML元素后,您可以将XML解密为纯文本。 例如,此站点SAML断言解密-SAML解密XML工具-解密SAML响应
好吧,似乎有两件事是错误的。
看来您不小心尝试解密响应对象而不是包含的断言。 你应该做
Response response = unmarshaller.unmarshall(...);
return (EncryptedAssertion) response.getEncryptedAssertions().get(0)
前提是您知道响应中仅发送一个断言。
但是,似乎您收到的是SAML 1响应消息,而不是SAML2。我不是SAML 1的专家,但似乎不支持加密声明。
因此,首先将协议版本与发送消息的版本进行排序,然后确保返回加密的断言而不是响应对象。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.