Converting assertion to string in OpenSAML 4

Question

I am trying to follow this example: How to create a valid SAML 2.0 Assertion with OpenSAML library in Java and trying to create a SAML response. The code shown is for an older version of OpenSAML. I am using OpenSAML 4.1.1. Apparently XMLHelper is no longer in v.4. I have searched high and low and not found a solution, at least one that makes sense where I can convert the assertion into a string.

Below is the code I have right out of the sample:

        SAMLInputContainer input = new SAMLInputContainer();
        input.strIssuer = "http://synesty.com";
        input.strNameID = "UserJohnSmith";
        input.strNameQualifier = "My Website";
        input.sessionId = "abcdedf1234567";

        Map<String,String> customAttributes = new HashMap<String, String>();
        customAttributes.put("FirstName", "John");
        customAttributes.put("LastName", "Smith");
        customAttributes.put("Email", "john.smith@yahoo.com");
        customAttributes.put("PhoneNumber", "76373898998");
        customAttributes.put("Locality", "USA");
        customAttributes.put("Username", "John.Smith");

        input.attributes = customAttributes;

        Assertion assertion = GenSAMLAssertion.buildDefaultAssertion(input);
        AssertionMarshaller marshaller = new AssertionMarshaller();
        assert assertion != null;
        Element plaintextElement = marshaller.marshall(assertion);
        String originalAssertionString = XMLHelper.nodeToString(plaintextElement);

        System.out.println("Assertion String: " + originalAssertionString);

score 1 · Accepted Answer · answered Jun 14 '22 at 21:40

1

The SerializeSupport class is now used to print XML in OpenSAML.

String originalAssertionString = SerializeSupport.prettyPrintXML(plaintextElement)

As for more current sample code for OpenSAML 4 I have a ongoing series on my blog. As well as accompanying source samples on my Github

A few years ago I also wrote a book on OpenSAML 3. It has not been updated but there are very few changes between 3 and 4.

answered Jun 14 '22 at 21:40

Stefan Rasmusson

5,445
3
21
48

Well, that was simple! I've tried studying all of your material (not the book, yet) but my head was spinning. Now, if I could just solve the change for the builderFactory. – Connie DeCinko Jun 15 '22 at 22:15
Ok, have a look on my helper class OpenSAML utils here https://github.com/rasmusson/OpenSAML-sample-code/blob/main/getting-started-authnrequest/src/main/java/com/samlsecurity/opensamlSamples/gettingStartedAuthnrequest/OpenSAMLUtils.java. The method buildSAMLObject gets a build builder and builds a object. If you think the answer answered your question, please mark it as correct – Stefan Rasmusson Jun 16 '22 at 06:15
@ConnieDeCinko forgot to tag you above – Stefan Rasmusson Jun 18 '22 at 12:33
What about converting a string into an assertion object? @StefanRasmusson – EuberDeveloper Dec 12 '22 at 23:38
This is usually managed by using an encoder. Example https://blog.samlsecurity.com/2011/01/redirect-with-authnrequest.html. But you can do it yourself using an unmarshaller. This is an old example I have in this answer. not sure what the current syntax is. https://stackoverflow.com/questions/49375807/how-to-construct-a-samlobject-from-a-saml-message-string – Stefan Rasmusson Jan 24 '23 at 09:54

Converting assertion to string in OpenSAML 4

1 Answers1