Hello,
I've been looking into Artifacts with PicketLink. Consider this sample code:
    SAML2Response saml2Response = new SAML2Response();
    SAML2Object samlObject = saml2Response.getSAML2ObjectFromStream(
            Test.class.getResourceAsStream("response1.xml"));
Where response1.xml is (taken from the SAML2 wiki page):
    <samlp:ArtifactResolve
        xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
        xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
        ID="identifier_4"
        Version="2.0"
        IssueInstant="2004-12-05T09:22:04"
        Destination="https://idp.example.org/SAML2/ArtifactResolution">
      <saml:Issuer>https://sp.example.com/SAML2</saml:Issuer>
      <!-- an ArtifactResolve message SHOULD be signed -->
      <ds:Signature
          xmlns:ds="http://www.w3.org/2000/09/xmldsig#">...</ds:Signature>
      <samlp:Artifact>''artifact_2''</samlp:Artifact>
    </samlp:ArtifactResolve>
There appears to be a problem with the ArtifactResolve parser. The element is not parsed, because of this code in SAMLRequestAbstractParser:
    protected void parseCommonElements(StartElement startElement, XMLEventReader xmlEventReader,
            RequestAbstractType request) throws ParsingException {
        ....
        } else if (JBossSAMLConstants.SIGNATURE.get().equals(elementName)) {
            request.setSignature(StaxParserUtil.getDOMElement(xmlEventReader));
        }
    }
The call to StaxParserUtil.getDOMElement(xmlEventReader) seems to consume the and elements.

I appreciate PicketLink doesn't currently support Artifacts so this is not "supported", but does anyone (Anil?) know why this happens? Can we fix this?

John
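Added example, not part of the original post and not PicketLink's code: a StAX-to-DOM copy that stops at the end tag matching the element it started on, so the sibling after the signature is still in the stream for the caller. The class name, the readSubtree and qualified helpers, and the shortened sample message are assumptions made for this illustration; namespaces are carried as each node's namespace URI, not as xmlns attributes.

```java
import java.io.StringReader;
import java.util.Iterator;
import javax.xml.namespace.QName;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.stream.*;
import javax.xml.stream.events.*;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.Node;

public class SignatureThenArtifact {
    // Constructed sample: element order of response1.xml, placeholder namespaces and values.
    static final String XML = "<p:ArtifactResolve xmlns:p='urn:p' xmlns:ds='urn:ds' ID='identifier_4'>"
        + "<ds:Signature><ds:SignedInfo Id='si'/><ds:SignatureValue>abc</ds:SignatureValue></ds:Signature>"
        + "<p:Artifact>artifact_2</p:Artifact></p:ArtifactResolve>";
    static String qualified(QName n) {
        return n.getPrefix().isEmpty() ? n.getLocalPart() : n.getPrefix() + ":" + n.getLocalPart();
    }
    // Hypothetical helper: copies exactly one element subtree into DOM. The next event must be its start tag.
    static Element readSubtree(XMLEventReader reader) throws Exception {
        Document doc = DocumentBuilderFactory.newInstance().newDocumentBuilder().newDocument();
        Node current = doc;
        do {
            XMLEvent ev = reader.nextEvent();
            if (ev.isStartElement()) {
                QName n = ev.asStartElement().getName();
                Element e = doc.createElementNS(n.getNamespaceURI(), qualified(n));
                for (Iterator<?> it = ev.asStartElement().getAttributes(); it.hasNext();) {
                    Attribute a = (Attribute) it.next();
                    e.setAttributeNS(a.getName().getNamespaceURI(), qualified(a.getName()), a.getValue());
                }
                current = current.appendChild(e); // descend into the new element
            } else if (ev.isCharacters() && current != doc) {
                current.appendChild(doc.createTextNode(ev.asCharacters().getData()));
            } else if (ev.isEndElement()) {
                current = current.getParentNode(); // climb one level
            }
        } while (current != doc); // back at the document node: matching end tag consumed, stop
        return doc.getDocumentElement();
    }
    public static void main(String[] args) throws Exception {
        XMLInputFactory f = XMLInputFactory.newInstance();
        f.setProperty(XMLInputFactory.SUPPORT_DTD, false); // SAML messages never need a DTD
        XMLEventReader r = f.createXMLEventReader(new StringReader(XML));
        r.nextEvent(); r.nextEvent(); // skip StartDocument and the ArtifactResolve start tag
        Element sig = readSubtree(r);
        String next = r.nextTag().asStartElement().getName().getLocalPart(); // sibling after the signature
        System.out.println(sig.getNodeName() + " children=" + sig.getChildNodes().getLength() + ", next=" + next);
    }
}
```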