...

Code Block
// Get the Identity Token from the STS response
IdentityToken identityTokenResponse = consumerStsResponse.getIdentityToken();

// Verify that it is an IDWS token and that the assurance level and audience are as expected
Assert.assertEquals("DK-SAML-2.0", identityTokenResponse.getSpecVersion());
Assert.assertEquals("3", identityTokenResponse.getAssuranceLevel());
Assert.assertEquals("http://fmk-online.dk", identityTokenResponse.getAudienceRestriction());


Service Request

TO-DO

Service Response

...

Once we have the STS response, the service request can be built. First, build an IDWS request with the Body that matches the service to be called. It can look like this, where the Body element is not filled in:

Code Block
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
    xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust"
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <soapenv:Header />
    <soapenv:Body>
        ...
    </soapenv:Body>
</soapenv:Envelope>

Seal.Java can now be used to enrich this request with the Identity Token found in the STS response (identityTokenResponse) and sign it:

Code Block
LibertyRequestDOMEnhancer enhancer = oioidwsFactory.createRequestDOMEnhancer(serviceConsumerRequestDocument);

enhancer.setIdentityToken(identityTokenResponse);
enhancer.setWSAddressingMessageID(messageIdSupplier.get());
enhancer.setWSAddressingAction(soapAction);
enhancer.enhanceAndSign();

The service request can now be sent to the service over the network:

Code Block
// Convert to XML so it can be sent over the network
String serviceConsumerRequestXml = XmlUtil.node2String(serviceConsumerRequestDocument, false, true);
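
A structural check that can be run on the serialized request before it is sent, as an added example (not part of the original page or of Seal.Java). It uses only JDK DOM APIs and assumes that enhanceAndSign() places the Identity Token and the request signature as direct children of wsse:Security; the class name, the sample envelope and its urn:example values are constructed.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.*;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;

public class SignedRequestCheck {
    static final String SOAP = "http://schemas.xmlsoap.org/soap/envelope/";
    static final String WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    static final String SAML = "urn:oasis:names:tc:SAML:2.0:assertion";
    static final String DS = "http://www.w3.org/2000/09/xmldsig#";

    // Returns the names of missing header parts; an empty list means the structure is complete.
    static List<String> missingParts(String xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); // no DTDs, no XXE
        Element env = f.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8))).getDocumentElement();
        List<String> missing = new ArrayList<>();
        Element header = child(env, SOAP, "Header");
        if (header == null) { missing.add("soapenv:Header"); return missing; }
        // The WS-Addressing namespace version is not assumed, so only the local name is matched.
        if (child(header, null, "MessageID") == null) missing.add("wsa:MessageID");
        if (child(header, null, "Action") == null) missing.add("wsa:Action");
        Element sec = child(header, WSSE, "Security");
        if (sec == null) { missing.add("wsse:Security"); return missing; }
        if (child(sec, SAML, "Assertion") == null) missing.add("saml:Assertion");
        // Direct child only: a ds:Signature inside the assertion is the issuer's, not the request's.
        if (child(sec, DS, "Signature") == null) missing.add("ds:Signature");
        return missing;
    }

    // First direct child element with the given namespace (null = any) and local name.
    static Element child(Element parent, String ns, String local) {
        for (Node n = parent.getFirstChild(); n != null; n = n.getNextSibling())
            if (n instanceof Element && local.equals(n.getLocalName())
                    && (ns == null || ns.equals(n.getNamespaceURI()))) return (Element) n;
        return null;
    }

    public static void main(String[] args) throws Exception {
        String ns = " xmlns:s='" + SOAP + "' xmlns:wsse='" + WSSE + "' xmlns:saml='" + SAML
                + "' xmlns:ds='" + DS + "' xmlns:wsa='urn:example:wsa'"; // constructed wsa namespace
        // Constructed sample: the token carries its own signature, the request has none.
        String tokenOnly = "<s:Envelope" + ns + "><s:Header><wsa:MessageID>urn:uuid:1</wsa:MessageID>"
                + "<wsa:Action>urn:example:action</wsa:Action><wsse:Security><saml:Assertion>"
                + "<ds:Signature/></saml:Assertion></wsse:Security></s:Header><s:Body/></s:Envelope>";
        System.out.println(missingParts(tokenOnly));
        System.out.println(missingParts(tokenOnly.replace("</wsse:Security>", "<ds:Signature/></wsse:Security>")));
    }
}
```

The check only confirms that the expected elements are present; it does not validate either signature cryptographically.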

Service Response


 Complete example (incl. the STS part)

...