1 Reply Latest reply on Jun 24, 2014 10:31 AM by claudio4j

    Picketlink SAML SEAM module - "Encountered encrypted assertion. Skipping it because decryption is not yet supported."

    danielruiz

      Hello,

       

      I'm trying to use SAML authentication with a Seam 2.3 application. Right now the application is able to request the IDP for authentication and when the user fills username and password correctly it sends back the response. The problem is the assertions the IDP sends are encrypted and it seems not to be supported by the module. Using the debugger I've reached the point (at class org.picketlink.identity.seam.federation.SamlSingleSignOnReceiver) where the following message is displayed:

       

      "Encountered encrypted assertion. Skipping it because decryption is not yet supported."

       

      Is this decryption supported in any version of the seam module? I'm using 1.0.4

       

      In case not, what are the possible options? Is there any other way to use SAML with Seam 2.3?

       

      Thank you very much,

      Daniel

        • 1. Re: Picketlink SAML SEAM module - "Encountered encrypted assertion. Skipping it because decryption is not yet supported."
          claudio4j

          See if this helps to understand the reason behind the integration between PL and se. Use a SeamFilter to create the Seam Identity, and call the authenticator.authenticate to return true.

           

          See a snippet of the Seam Filter

           

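          // Needs: java.security.Principal, javax.security.auth.login.LoginException,
          // org.jboss.seam.security.Identity, org.jboss.seam.servlet.ContextualHttpServletRequest
          // final so the anonymous class below can capture it
          final Principal userPrincipal = request.getUserPrincipal();

          if (userPrincipal != null && userPrincipal.getName() != null) {
              final String username = userPrincipal.getName();

              new ContextualHttpServletRequest(request) {
                  @Override
                  public void process() throws ServletException, IOException, LoginException {
                      Identity identity = Identity.instance();
                      // identity is only defined inside process(), so the logged-in check is done here
                      if (!identity.isLoggedIn()) {
                          identity.getCredentials().setUsername(username);
                          identity.authenticate();
                      }
                  }
              }.run();
          }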