All,
I have a question about the ECP Profile implementation. I
can send a saml response to the ECP Client. This is how my response looks like:
<?xml version="1.0"
encoding="UTF-8"?>
<soap11:Body>
<saml2p:Response……
<saml2:Assertion……
</saml2:Assertion>
</saml2p:Response>
</soap11:Body>
</soap11:Envelope>
The response is missing the soap header element and the
ecp:Response element. The response should look like :
<SOAP-ENV:Envelope
xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
<SOAP-ENV:Header>
<ecp:Response SOAP-ENV:mustUnderstand="1"
</SOAP-ENV:Header>
<SOAP-ENV:Body>
<samlp:Response> ... </samlp:Response>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
I have tried a number of ways to include the header, but it
is not being set. This is how I have done it:
BasicSAMLMessageContext messageContext = new
BasicSAMLMessageContext();
messageContext.setOutboundMessageTransport(outTransport);
SOAPObjectBuilder<Envelope> envelopeBuilder =
(SOAPObjectBuilder<Envelope>) builderFactory.getBuilder(Envelope.DEFAULT_ELEMENT_NAME);
Envelope envelope =
envelopeBuilder.buildObject();
messageContext.setOutboundMessage(envelope);
messageContext.setOutboundSAMLMessage(authResponse);
SAMLObjectBuilder<org.opensaml.saml2.ecp.Response> ecpResponseBuilder =
(SAMLObjectBuilder<org.opensaml.saml2.ecp.Response>)
builderFactory.getBuilder(org.opensaml.saml2.ecp.Response.DEFAULT_ELEMENT_NAME);
org.opensaml.saml2.ecp.Response ecpResponse = ecpResponseBuilder.buildObject();
ecpResponse.setSOAP11MustUnderstand(true);
ecpResponse.setSOAP11Actor(org.opensaml.saml2.ecp.Response.SOAP11_ACTOR_NEXT);
SOAPHelper.addHeaderBlock(messageContext, ecpResponse);
And
another way:
SOAPObjectBuilder<Envelope>
envelopeBuilder = (SOAPObjectBuilder<Envelope>)
builderFactory.getBuilder(Envelope.DEFAULT_ELEMENT_NAME);
Envelope envelope =
envelopeBuilder.buildObject();
SOAPObjectBuilder<Header>
headerBuilder = (SOAPObjectBuilder<Header>)
builderFactory.getBuilder(Header.DEFAULT_ELEMENT_NAME);
Header header = headerBuilder.buildObject();
SAMLObjectBuilder<org.opensaml.saml2.ecp.Response>
ecpResponseBuilder = (SAMLObjectBuilder<org.opensaml.saml2.ecp.Response>)
builderFactory.getBuilder(org.opensaml.saml2.ecp.Response.DEFAULT_ELEMENT_NAME);
org.opensaml.saml2.ecp.Response ecpResponse = ecpResponseBuilder.buildObject();
ecpResponse.setSOAP11MustUnderstand(true);
ecpResponse.setSOAP11Actor(org.opensaml.saml2.ecp.Response.SOAP11_ACTOR_NEXT);
header.getUnknownXMLObjects().add(ecpResponse);
envelope.setHeader(header);
messageContext.setOutboundMessage(envelope);
messageContext.setOutboundSAMLMessage(authResponse);
Does anyone have pointers for adding the soap headers?