Saturday, 8 August 2015

SAML Assertions

An assertion is a package of information that contains zero or more statements made by a SAML authority. SAML assertions usually describe a subject: what resources it can access, the lifetime, etc. The subject is represented by the <Subject> element. Service providers use assertions about a subject to provide access to resources.

There are three different kinds of assertion statements.
a.   Authentication: These statements are usually generated by a SAML authority called the identity provider, which authenticates users and keeps track of other information about them.
b.   Attributes: The assertion subject is associated with the supplied attributes.
c.   Authorization decision: It is a request to allow the assertion subject to access particular resources.

The following procedure explains, step by step, how to create a simple assertion.

Step 1: Initialize the OpenSAML library.
DefaultBootstrap.bootstrap();
The above call initializes the OpenSAML library and loads the default configuration.

Step 2: Get the instance of XMLObjectBuilderFactory.

XMLObjectBuilderFactory builderFactory = Configuration.getBuilderFactory();

This factory provides builders for XMLObjects.

Step 3: Get SAMLObjectBuilder instance.

SAMLObjectBuilder assertionBuilder = (SAMLObjectBuilder) builderFactory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);

Step 4: Build Assertion object.
Assertion assertion = (Assertion) assertionBuilder.buildObject();

Step 5: Add some data to assertion and write it to console.
assertion.setIssuer("Organization_ABC");
assertion.setID("ADSFQEWQREWRF1222234vfdgth");

AssertionMarshaller marshaller = new AssertionMarshaller();
Element element = marshaller.marshall(assertion);
System.out.println(XMLHelper.prettyPrintXML(element));

Following is the complete application.

import org.opensaml.Configuration;
import org.opensaml.DefaultBootstrap;
import org.opensaml.common.SAMLObjectBuilder;
import org.opensaml.saml1.core.Assertion;
import org.opensaml.saml1.core.impl.AssertionMarshaller;
import org.opensaml.xml.ConfigurationException;
import org.opensaml.xml.XMLObjectBuilderFactory;
import org.opensaml.xml.io.MarshallingException;
import org.opensaml.xml.util.XMLHelper;
import org.w3c.dom.Element;

public class SimpleAssertion {
  public static void main(String args[]) throws MarshallingException,
      ConfigurationException {

    /* Initializes the OpenSAML library */
    DefaultBootstrap.bootstrap();

    /* Get the instance of XMLObjectBuilderFactory */
    XMLObjectBuilderFactory builderFactory = Configuration
        .getBuilderFactory();

    /* Get SAMLObjectBuilder instance */
    SAMLObjectBuilder assertionBuilder = (SAMLObjectBuilder) builderFactory
        .getBuilder(Assertion.DEFAULT_ELEMENT_NAME);

    /* Build assertion object */
    Assertion assertion = (Assertion) assertionBuilder.buildObject();

    /* Sample values; each assertion must carry its own unique ID */
    assertion.setIssuer("Organization_ABC");
    assertion.setID("ADSFQEWQREWRF1222234vfdgth");

    AssertionMarshaller marshaller = new AssertionMarshaller();
    Element element = marshaller.marshall(assertion);
    System.out.println(XMLHelper.prettyPrintXML(element));
  }
}


Output
<?xml version="1.0" encoding="UTF-8"?>
<saml1:Assertion AssertionID="ADSFQEWQREWRF1222234vfdgth"
    Issuer="Organization_ABC" MajorVersion="1" MinorVersion="1" xmlns:saml1="urn:oasis:names:tc:SAML:1.0:assertion"/>
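
The program above hard-codes the assertion ID and sets neither an issue time nor a lifetime. The following added example (not part of the original post) builds the same SAML 1.1 assertion with a random ID, an IssueInstant and a Conditions validity window. The class name AssertionWithLifetime, the 128-bit ID length and the 5-minute window are assumptions made for illustration.

```java
import java.math.BigInteger;
import java.security.SecureRandom;
import org.joda.time.DateTime;
import org.joda.time.DateTimeZone;
import org.opensaml.Configuration;
import org.opensaml.DefaultBootstrap;
import org.opensaml.common.SAMLObjectBuilder;
import org.opensaml.saml1.core.Assertion;
import org.opensaml.saml1.core.Conditions;
import org.opensaml.saml1.core.impl.AssertionMarshaller;
import org.opensaml.xml.XMLObjectBuilderFactory;
import org.opensaml.xml.util.XMLHelper;

/* Hypothetical class name; added example, not code from the original post. */
public class AssertionWithLifetime {

  /* 128 random bits, hex-encoded; the leading "_" keeps the value a valid XML ID. */
  static String newAssertionId() {
    byte[] raw = new byte[16];
    new SecureRandom().nextBytes(raw);
    return "_" + String.format("%032x", new BigInteger(1, raw));
  }

  @SuppressWarnings("unchecked")
  static Assertion build(String issuer, int validMinutes) {
    XMLObjectBuilderFactory factory = Configuration.getBuilderFactory();
    SAMLObjectBuilder<Assertion> assertionBuilder = (SAMLObjectBuilder<Assertion>)
        factory.getBuilder(Assertion.DEFAULT_ELEMENT_NAME);
    SAMLObjectBuilder<Conditions> conditionsBuilder = (SAMLObjectBuilder<Conditions>)
        factory.getBuilder(Conditions.DEFAULT_ELEMENT_NAME);

    /* Validity window: usable from now until now + validMinutes (UTC). */
    DateTime now = new DateTime(DateTimeZone.UTC);
    Conditions conditions = conditionsBuilder.buildObject();
    conditions.setNotBefore(now);
    conditions.setNotOnOrAfter(now.plusMinutes(validMinutes));

    Assertion assertion = assertionBuilder.buildObject();
    assertion.setIssuer(issuer);
    assertion.setID(newAssertionId());
    assertion.setIssueInstant(now);
    assertion.setConditions(conditions);
    return assertion;
  }

  public static void main(String[] args) throws Exception {
    DefaultBootstrap.bootstrap(); /* must run before any builder is requested */
    Assertion assertion = build("Organization_ABC", 5);
    System.out.println(XMLHelper.prettyPrintXML(new AssertionMarshaller().marshall(assertion)));
  }
}
```

The resulting assertion is still unsigned, so a service provider has no way to verify that it came from the named issuer.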


The next example explains how to add authentication and authorization statements to an assertion.



2 comments:

  1. What are the libraries you used for this code snippet? Please tell me immediately.