santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From vidar.kong...@bekk.no
Subject Problem: Validating signature with default namespace
Date Sun, 17 Sep 2006 19:34:23 GMT

Hi

I am a XML-signature newbie and I am trying to figure out how to verify an
XML Signature with default namespace:

<samlp:Response
      xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xmlns:xsd="http://www.w3.org/2001/XMLSchema"
      xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" ...>
      <saml:Assertion
            xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" ...>
            <saml:Conditions ...>
                  ...
            </saml:Conditions>
            <saml:AuthenticationStatement ...>...</
saml:AuthenticationStatement>
            <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
                  ...
            </Signature>
      </saml:Assertion>
                  .
I have tried to use the example from
src_samples/org/apache/xml/security/samples/signature/  to do this.

Here is a snippet of my code:

Document doc = builder.parse(new InputSource(new StringReader(xmlString)));
Element sigElement = (Element) XPathAPI.selectSingleNode(doc,
"//Signature[1]");
XMLSignature signature = new XMLSignature(sigElement, "http://");

It fails on the last line, throwing the exception:

org.apache.xml.security.exceptions.XMLSecurityException: Cannot create a
null:null from a http://www.w3.org/2000/09/xmldsig#:Signature element
      at
org.apache.xml.security.utils.ElementProxy.guaranteeThatElementInCorrectSpace(ElementProxy.java:272)
      at
org.apache.xml.security.utils.ElementProxy.<init>(ElementProxy.java:209)
      at
org.apache.xml.security.utils.SignatureElementProxy.<init>(SignatureElementProxy.java:54)
      at
org.apache.xml.security.signature.XMLSignature.<init>(XMLSignature.java:255)

Any ideas?

Best regards,
Vidar


Mime
View raw message