ws-wss4j-dev mailing list archives

From AyaJava <javasp...@gmail.com>
Subject Encrypt Assertion
Date Mon, 05 Mar 2007 04:32:28 GMT

Hello, I am new to cryptography. I have added an assertion to the security
header, and want to be able to encrypt the assertion with AES 256 and
digitally sign the entire XML message. I am not sure what is the next step
to take. I tried using:
            WSSecEncrypt builder = new WSSecEncrypt();
            builder.setUserInfo("wss4jcert");
            builder.setKeyIdentifierType(WSConstants.ISSUER_SERIAL);
            builder.setSymmetricEncAlgorithm(WSConstants.AES_256);
            Vector parts = new Vector();
            WSEncryptionPart encP =
                new WSEncryptionPart("Assertion",XML.SAML_NS, "Element");
            parts.add(encP);
            builder.setParts(parts);

But this still leaves the Assertion in clear text. Any guidance greatly
appreciated. Thanks.

This is the XML:
<soapenv:Envelope
	xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
	xmlns:xsd="http://www.w3.org/2001/XMLSchema"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
	<soapenv:Header>
		<wsse:Security soapenv:mustUnderstand="1"
			xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
			<Assertion AssertionID="faaed2eb3385208e5b9813eb5fc25518"
				IssueInstant="2007-03-05T04:19:46.326Z" Issuer="A R"
				MajorVersion="1" MinorVersion="1"
				xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
				xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
				xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol">
				<Conditions NotBefore="2007-03-05T04:19:46.326Z"
					NotOnOrAfter="2007-03-05T04:19:46.326Z" />
				<AttributeStatement>
					<Subject>
						<NameIdentifier>Book Price quote</NameIdentifier>
					</Subject>
					<Attribute AttributeName="ISBN"
						AttributeNamespace="urn:oasis:names:tc:SAML:1.0:assertion"
						xmlns:xsd="http://www.w3.org/2001/XMLSchema"
						xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
						<AttributeValue>01234567890</AttributeValue>
					</Attribute>
				</AttributeStatement>
			</Assertion>
		</wsse:Security>
	</soapenv:Header>
	<soapenv:Body />
</soapenv:Envelope>

This is the code:

            // Insert an empty wsse:Security header into the outgoing envelope.
            SOAPEnvelope unsignedEnvelope = message.getSOAPEnvelope();
            Document doc = unsignedEnvelope.getAsDocument();
            WSSecHeader secHeader = new WSSecHeader();
            secHeader.insertSecurityHeader(doc);

            // Build the SAML assertion. NotBefore and NotOnOrAfter are both
            // set to the current time here.
            WSSecSAMLToken samlToken = new WSSecSAMLToken();
            SAMLAssertion assertion = new SAMLAssertion();
            assertion.setNotBefore(new Date());
            assertion.setNotOnOrAfter(new Date());
            assertion.setIssueInstant(new Date());
            assertion.setIssuer("A R");

            // Attribute statement carrying the ISBN attribute.
            SAMLAttributeStatement attribStatement = new SAMLAttributeStatement();

            SAMLAttribute attrib = new SAMLAttribute();
            attrib.addValue("1234567890");
            attrib.setName("ISBN");
            attrib.setNamespace(XML.SAML_NS);
            attribStatement.addAttribute(attrib);

            SAMLSubject subject = new SAMLSubject();
            SAMLNameIdentifier nameId = new SAMLNameIdentifier();
            nameId.setName("Book Price quote");
            subject.setName(nameId);
            attribStatement.setSubject(subject);

            assertion.addStatement(attribStatement);

            // Add the assertion to the security header.
            samlToken.build(doc, assertion, secHeader);
-- 
View this message in context: http://www.nabble.com/Encrypt-Assertion-tf3345610.html#a9304562
Sent from the WSS4J mailing list archive at Nabble.com.
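
The symptom reported above (the Assertion still readable in the outgoing message) can be tested on the serialized envelope itself. The following is an added example, not part of the original post and not WSS4J code: it reports whether a SAML 1.0 Assertion is still in clear text, which encryption algorithm any xenc:EncryptedData declares, and whether a ds:Signature element is present. The function names and the two sample envelopes are constructed for illustration.

```python
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE = ("http://docs.oasis-open.org/wss/2004/01/"
        "oasis-200401-wss-wssecurity-secext-1.0.xsd")
SAML = "urn:oasis:names:tc:SAML:1.0:assertion"  # namespace used in the post
XENC = "http://www.w3.org/2001/04/xmlenc#"
DSIG = "http://www.w3.org/2000/09/xmldsig#"
AES256_CBC = XENC + "aes256-cbc"

def audit_envelope(xml_text):
    """Report the protection a serialized SOAP message actually carries."""
    root = ET.fromstring(xml_text)  # intended for your own test output
    sec = root.find("{%s}Header/{%s}Security" % (SOAP, WSSE))
    if sec is None:
        raise ValueError("no wsse:Security header")
    enc = list(sec.iter("{%s}EncryptedData" % XENC))
    return {
        # Any Assertion element still parseable is readable on the wire.
        "cleartext_assertions": len(list(root.iter("{%s}Assertion" % SAML))),
        "encrypted_data": len(enc),
        "enc_algorithms": [m.get("Algorithm") for d in enc
                           for m in d.findall("{%s}EncryptionMethod" % XENC)],
        # Presence only: this does not validate the signature or its coverage.
        "signature_present": sec.find("{%s}Signature" % DSIG) is not None,
    }

def assertion_protected(report):
    """True if no assertion is readable, AES-256 is declared, a signature exists."""
    return (report["cleartext_assertions"] == 0
            and AES256_CBC in report["enc_algorithms"]
            and report["signature_present"])

# Constructed samples: HEAD/TAIL wrap a wsse:Security header as in the post.
HEAD = ('<e:Envelope xmlns:e="%s"><e:Header><w:Security xmlns:w="%s">'
        % (SOAP, WSSE))
TAIL = "</w:Security></e:Header><e:Body/></e:Envelope>"
CLEAR = HEAD + '<Assertion xmlns="%s" Issuer="A R"/>' % SAML + TAIL
PROTECTED = HEAD + (
    '<x:EncryptedData xmlns:x="%s" Type="%sElement">'
    '<x:EncryptionMethod Algorithm="%s"/>'
    '<x:CipherData><x:CipherValue>PLACEHOLDER</x:CipherValue></x:CipherData>'
    '</x:EncryptedData><d:Signature xmlns:d="%s"/>'
    % (XENC, XENC, AES256_CBC, DSIG)) + TAIL

if __name__ == "__main__":
    for name, msg in (("clear", CLEAR), ("protected", PROTECTED)):
        rep = audit_envelope(msg)
        print(name, rep, "OK" if assertion_protected(rep) else "EXPOSED")
```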

