[英]Saml Assertion Decryption using java code
錯誤:
Exception in thread "main" org.opensaml.xml.io.UnmarshallingException: the assertion does not appear to be encrypted
at AssertionDecrypter.unmarshallEncryptedAssertion(AssertionDecrypter.java:162)
at AssertionDecrypter.decryptAssertion(AssertionDecrypter.java:119)
at AssertionDecrypter.<init>(AssertionDecrypter.java:67)
at Saml2AssertionEncoding.main(Saml2AssertionEncoding.java:112)
Caused by: java.lang.ClassCastException: org.opensaml.saml1.core.impl.ResponseImpl cannot be cast to org.opensaml.saml2.core.EncryptedAssertion
at AssertionDecrypter.unmarshallEncryptedAssertion(AssertionDecrypter.java:157)
... 3 more
我的Java代碼
我的寶
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml-core</artifactId>
<version>3.1.1</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.apache.santuario</groupId>
<artifactId>xmlsec</artifactId>
<version>2.0.8</version>
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml</artifactId>
<version>2.6.4</version>
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml-saml-impl</artifactId>
<version>3.3.0</version>
<scope>test</scope>
</dependency>
<dependency>
<!-- <groupId>org.opensaml</groupId> <artifactId>xmltooling</artifactId>
<version>1.3.1</version>
<groupId>org.opensaml</groupId>
<artifactId>xmltooling</artifactId>
<version>1.4.4</version> -->
<groupId>org.opensaml</groupId>
<artifactId>xmltooling</artifactId>
<version>1.3.1</version>
</dependency>
<dependency>
<groupId>com.jcabi</groupId>
<artifactId>jcabi-aspects</artifactId>
<version>0.22</version>
</dependency>
<dependency>
<groupId>org.aspectj</groupId>
<artifactId>aspectjrt</artifactId>
<version>1.8.3</version>
</dependency>
<dependency>
<groupId>com.jcabi</groupId>
<artifactId>jcabi-xml</artifactId>
<version>0.16.2</version>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-nop</artifactId>
<version>1.7.5</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>openws</artifactId>
<version>1.4.1</version>
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml</artifactId>
<version>2.2.1</version>
</dependency>
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-core</artifactId>
<version>4.1.0.RELEASE</version>
</dependency>
</dependencies>
看來您需要調試加密的XML元素。 您可以檢查document.getDocumentElements()
的內容是否是正確的XML嗎?
我猜它為空或為空。 從上述函數成功獲取原始XML元素后,您可以將XML解密為純文本。 例如,此站點SAML斷言解密-SAML解密XML工具-解密SAML響應
好吧,似乎有兩件事是錯誤的。
看來您不小心嘗試解密響應對象而不是包含的斷言。 你應該做
Response response = unmarshaller.unmarshall(...);
return (EncryptedAssertion) response.getEncryptedAssertions().get(0)
前提是您知道響應中僅發送一個斷言。
但是,似乎您收到的是SAML 1響應消息,而不是SAML2。我不是SAML 1的專家,但似乎不支持加密聲明。
因此,首先將協議版本與發送消息的版本進行排序,然后確保返回加密的斷言而不是響應對象。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.