2 Replies Latest reply on Oct 4, 2012 9:03 AM by Michael Gustafsson

    Getting hold of the assertion and attributes from the "inside"?

    Michael Gustafsson Newbie

      I've been trying loads of different ways to get hold of the information inside the SAML assertion, or at least the attributes in it. But I can not find the proper documentation or any good examples (except for the WS-trust scenario). But surely this can be done?

       

      This is vital to what I am trying to solve, one of the attributes in the assertion are essential (not the userId) to be able to execute what is required. How do a go about this in my SP... any context container or similar since I failed to find the information in the http headers and the session variables. Or am I just blind AND dumb

       

      Cheers

       

      /Mike

        • 1. Re: Getting hold of the assertion and attributes from the "inside"?
          Michael Gustafsson Newbie

          Rephrased my question and hopefully simplified it somewhat

          • 2. Re: Getting hold of the assertion and attributes from the "inside"?
            Michael Gustafsson Newbie

            Replying to myself now that I found one way forward at least, this little piece of code solved my issue:

             

            Map<String, List<Object>> sessionMap = (Map<String, List<Object>>) request.getSession().getAttribute(GeneralConstants.SESSION_ATTRIBUTE_MAP);

            List<String> roles = new ArrayList<String>();

            if (sessionMap != null)

            {

                 Iterator<Entry<String, List<Object>>> iterator = sessionMap.entrySet().iterator();

                 while(iterator.hasNext())

                 {

                     Entry<String, List<Object>> mapEntry = iterator.next();

                     System.out.println("The attribute name: " + mapEntry.getKey() + ", attribute value: " + mapEntry.getValue());

             

                     // Adding the found attributes/roles for the later XACML request

                     roles.add(mapEntry.getValue().toString().replace("[", "").replace("]", ""));

            ....

             

            Perhaps more elegant solutions available, but this way I could at least extract the attributes/roles for the XACML request and also use one of them i the logic of the SP.

             

            This one will sort of give the same result (Principal name and roles):

             

              SecurityContext securityCtx = SecurityContextAssociation.getSecurityContext();

                                                              Subject subject = securityCtx.getSubjectInfo().getAuthenticatedSubject();

                                                              System.out.println("Subject str: " + subject.toString());

             

            Although I failed when it came to a way for getting hold of either the unparsed assertion in xml or the AssertionType. At the moment the above code will solve my task, but if there are any examples it would be great to know