Re: add SAML TOKEN to SOAP header

Fri, 04 Apr 2014 02:11:26 -0700 

As the error message says, "IssueInstant" is a required attribute of a SAML
2.0 assertion. Do you have control over the generation of the SAML token?
The SAML Token is technically invalid without this attribute. If not, then
an alternative is for you to extend the SamlAssertionValidator in WSS4J +
override the "validateAssertion" method, not to validate the received
assertion against the schemas. You can then plug this Validator into CXF
via a jax-ws property "ws-security.saml2.validator".

Colm.


On Fri, Apr 4, 2014 at 4:48 AM, chaij <jin.c...@indigoarc.com> wrote:

> This is caused by modifying the SAML Assertion token with pretty-print and
> saved. Once get pass this exception, I am now getting a different
> exception;
>
> Caused by: org.opensaml.xml.validation.ValidationException: IssueInstant is
> required attribute
>         at
>
> org.opensaml.saml2.core.validator.AssertionSchemaValidator.validateIssueInstant(AssertionSchemaValidator.java:91)[156:org.apache.servicemix.bundles.opensaml:2.5.3.1]
>         at
>
> org.opensaml.saml2.core.validator.AssertionSchemaValidator.validate(AssertionSchemaValidator.java:44)[156:org.apache.servicemix.bundles.opensaml:2.5.3.1]
>         at
>
> org.opensaml.saml2.core.validator.AssertionSchemaValidator.validate(AssertionSchemaValidator.java:32)[156:org.apache.servicemix.bundles.opensaml:2.5.3.1]
>         at
>
> org.opensaml.xml.validation.ValidatorSuite.performValidation(ValidatorSuite.java:169)[156:org.apache.servicemix.bundles.opensaml:2.5.3.1]
>         at
>
> org.opensaml.xml.validation.ValidatorSuite.performValidation(ValidatorSuite.java:152)[156:org.apache.servicemix.bundles.opensaml:2.5.3.1]
>         at
>
> org.opensaml.xml.validation.ValidatorSuite.validate(ValidatorSuite.java:83)[156:org.apache.servicemix.bundles.opensaml:2.5.3.1]
>         at
>
> org.apache.ws.security.validate.SamlAssertionValidator.validateAssertion(SamlAssertionValidator.java:189)[159:org.apache.ws.security.wss4j:1.6.12]
>         ... 28 more
>
>
>
> --
> View this message in context:
> http://camel.465427.n5.nabble.com/add-SAML-TOKEN-to-SOAP-header-tp5749520p5749761.html
> Sent from the Camel - Users mailing list archive at Nabble.com.
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Reply via email to