SAML examples
Dale Ogilvie
Dale.Ogilvie at trimble.co.nz
Sun Aug 3 19:01:53 EDT 2008
Michael,
I have placed my code here.
http://www.ja-sig.org/wiki/display/CASC/JASIG+Client+SAML+Saml11TicketVa
lidationFilter+Example
Regards
Dale
-----Original Message-----
From: cas-bounces at tp.its.yale.edu [mailto:cas-bounces at tp.its.yale.edu]
On Behalf Of Michael J. Barton
Sent: Saturday, 2 August 2008 12:32 a.m.
To: Yale CAS mailing list
Subject: SAML examples
Well, I've poured over the mailing lists and what documentation I could
find and I "think" I have everything in place and working for CAS to
return a SAML response (with attributes) using /samlValidate.
Now I need some sample code that demonstrates that things are working
and I can get a SAML response.
Does anyone have a simple JSP (or similar) that would demonstrate a
successful SAML response from CAS?
It doesn't appear to be as easy as just sending valid service and ticket
parameters via the browser.
When I do that, my logs shows:
DEBUG [org.jasig.cas.web.flow.GenerateServiceTicketAction] - Action
'GenerateServiceTicketAction' completed execution; result is 'success'
DEBUG [org.jasig.cas.web.support.SamlArgumentExtractor] - Extractor did
not generate service.
DEBUG [org.jasig.cas.web.view.Saml10FailureResponseView] - Rendering
view with name 'casSamlServiceFailureView' with model
{code=INVALID_REQUEST, description='service' and 'ticket' parameters are
both required} and static attributes {} DEBUG
[org.jasig.cas.web.support.SamlArgumentExtractor] - Extractor did not
generate service.
ERROR
[org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/cas].[c
as]]
- Servlet.service() for servlet cas threw exception
java.lang.NullPointerException...
The NullPointerException appears to be due to the lack of an Extractor,
so the casSamlServiceFailureView dies and I end up with a Server 500
error at the browser. The service and ticket parameters are being sent,
so it's a bit confusing.
[Note, the service has been set up in Service Manager and set to return
two additional attributes. Logs show that that the
CredentialsToLDAPAttributePrincipalResolver is retrieving and populating
attributes and assigning them to the principal]
I came across an old mail list thread that suggests sending SAMLart and
TARGET parameters, but the message states that SAMLart "tickets" are
different than standard service tickets, and I haven't found any more
information on how to create SAMLart tickets or if that is even
necessary and has since been abstracted in client code.
Ultimately, I'm looking to handle the SAML response in .NET, but I'll
take any code anyone has if it will help me figure out how to use
/samlValidate.
Thanks.
More information about the cas
mailing list