Hello,

I've been looking into Artifacts with PicketLink. Consider this sample code:

   SAML2Response saml2Response = new SAML2Response();
   SAML2Object samlObject = saml2Response.getSAML2ObjectFromStream(
         Test.class.getResourceAsStream("response1.xml"));

Where response1.xml is (taken from the SAML2 wiki page):

<samlp:ArtifactResolve

    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"

    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"

    ID="identifier_4"

    Version="2.0"

    IssueInstant="2004-12-05T09:22:04"

    Destination="https://idp.example.org/SAML2/ArtifactResolution">

    <saml:Issuer>https://sp.example.com/SAML2</saml:Issuer>

    <!-- an ArtifactResolve message SHOULD be signed -->

    <ds:Signature

      xmlns:ds="http://www.w3.org/2000/09/xmldsig#">...</ds:Signature>

    <samlp:Artifact>''artifact_2''</samlp:Artifact>

  </samlp:ArtifactResolve>

There appears to be a problem with the ArtifactResolve parser. The  element is not parsed, because of this code in SAMLRequestAbstractParser:

    protected void parseCommonElements(StartElement startElement, XMLEventReader xmlEventReader, RequestAbstractType request)
            throws ParsingException {
....
        } else if (JBossSAMLConstants.SIGNATURE.get().equals(elementName)) {
            request.setSignature(StaxParserUtil.getDOMElement(xmlEventReader));
        }
    }

The call to StaxParserUtil.getDOMElement(xmlEventReader) seems to consume the  and  elements.  I appreciate PicketLink doesn't currently support Artifacts so this is not "supported", but does anyone (Anil?) know why this happens? Can we fix this?   John