SAML examples

Michael J. Barton mbarton at Princeton.EDU
Fri Aug 1 08:32:06 EDT 2008 

Well, I've poured over the mailing lists and what documentation I could find
and I "think" I have everything in place and working for CAS to return a
SAML response (with attributes) using /samlValidate.

Now I need some sample code that demonstrates that things are working and I
can get a SAML response.

Does anyone have a simple JSP (or similar) that would demonstrate a
successful SAML response from CAS?

It doesn't appear to be as easy as just sending valid service and ticket
parameters via the browser.  

When I do that, my logs shows:


DEBUG [org.jasig.cas.web.flow.GenerateServiceTicketAction] - Action
'GenerateServiceTicketAction' completed execution; result is 'success'
DEBUG [org.jasig.cas.web.support.SamlArgumentExtractor] - Extractor did not
generate service.
DEBUG [org.jasig.cas.web.view.Saml10FailureResponseView] - Rendering view
with name 'casSamlServiceFailureView' with model {code=INVALID_REQUEST,
description='service' and 'ticket' parameters are both required} and static
attributes {}
DEBUG [org.jasig.cas.web.support.SamlArgumentExtractor] - Extractor did not
generate service.
ERROR
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/cas].[cas]]
- Servlet.service() for servlet cas threw exception
java.lang.NullPointerException...


The NullPointerException appears to be due to the lack of an Extractor, so
the casSamlServiceFailureView dies and I end up with a Server 500 error at
the browser.  The service and ticket parameters are being sent, so it's a
bit confusing.

[Note, the service has been set up in Service Manager and set to return two
additional attributes.  Logs show that that the
CredentialsToLDAPAttributePrincipalResolver is retrieving and populating
attributes and assigning them to the principal]

I came across an old mail list thread that suggests sending  SAMLart and
TARGET parameters, but the message states that SAMLart "tickets" are
different than standard service tickets, and I haven't found any more
information on how to create SAMLart tickets or if that is even necessary
and has since been abstracted in client code.


Ultimately, I'm looking to handle the SAML response in .NET, but I'll take
any code anyone has if it will help me figure out how to use /samlValidate.
Thanks.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3165 bytes
Desc: not available
Url : http://tp.its.yale.edu/pipermail/cas/attachments/20080801/64674cb2/attachment.bin

More information about the cas mailing list