0

I am trying to write a service provider in java. I am using Shibboleth IdP. I am able to send request to the IdP and when I am trying to read the response I am getting the error :

java.lang.IndexOutOfBoundsException: Index: 0 at java.util.Collections$EmptyList.get(Unknown Source) at org.opensaml.xml.util.LazyList.get(LazyList.java:93)

just before:

Assertion assertion = response.getAssertions().get(0); Map resutls = new HashMap();

Any suggestion or pointer will be helpful.

Rohit Pandey
  • 119
  • 4
  • 15
  • How do you read response? Do you have `/secure` as mapped servlet or what? – Akshay Feb 18 '14 at 10:35
  • Hey Akshay. Thanks for replying. Let me explain the flow I'm using. I have a .jsp page on which there is a submit button. When I click on this button the page is redirected to a servlet which creates a SAML Request send it to the IdP. IdP reads this request and returns a SAML response to the same servlet. The same servlet reads the response and depending upon the status it redirects to desired location. After a bit on investigation I figured out that the Parentnode is null while there are children node in the XML file returned. But it is not null when I'm reading it in SAML Trace plugin. – Rohit Pandey Feb 18 '14 at 10:53
  • So after a bit more of investigation I found out that the **response.getEncryptedAssertion()** is working fine. The problem was the assertions were encrypted and hence cannot be retrieved normally firstly the response needs to be decrypted. Now the issue is how to decrypt the SAMLResponse received. – Rohit Pandey Feb 19 '14 at 08:28
  • You might want to have decryption key, either from idp or sp.key and sp.cert from etc folder. – Akshay Feb 19 '14 at 13:23
  • yeah I figured that out. Now the issue is that there are so many methods on the internet to decrypt the assertion I don't know which one to choose. I have my keys in IdP. How to use them? any useful piece of code? Specifically **StaticKeyInfoCredentialResolver keyresolver =new StaticKeyInfoCredentialResolver(yourCredential);** Here what do I put in **yourcredential** attribute. If you can suggest some piece of code. Thanks again. :) :) – Rohit Pandey Feb 19 '14 at 15:37
  • Ok, what have you used here? – Akshay Feb 20 '14 at 09:21
  • I changed the code actually. I didn't use this code. I used the certificates and key info mentioned in **relying-party.xml** and then used some opensaml classes to read required info from these to decrypt and that was it. – Rohit Pandey Feb 20 '14 at 10:28

0 Answers0