This documentation is for WSO2 App Manager 1.0.0. View documentation for the latest release.
Processing SAML Response - App Manager 1.0.0 - WSO2 Documentation

WSO2 App Manager can be configured to send the whole SAML response generated by the identity provider to the backend web application. Refer to ‘Sending SAML response to backend’ for more information. Once the configuration described in that guide is in place, the Base64-encoded SAML response is sent to the backend application as an HTTP transport header named ‘AppMgtSAML2Response’.


When the web application receives the HTTP request, it can read the encoded SAML response, which is sent as an HTTP header value. Once this header value is extracted from the request, it can be processed to obtain the actual SAML response generated by the identity provider.

The encoded SAML response can be processed with a number of different libraries. The following example uses the Java OpenSAML 2.2.3 library to process the SAML response received at the backend. The processing steps are illustrated below.

As the first step, the encoded SAML response should be extracted from the HttpServletRequest.

String samlResponseHeader = request.getHeader("AppMgtSAML2Response");

Then the extracted header value should be decoded using the Base64 library.

byte[] base64DecodedResponse = Base64.decode(samlResponseHeader);

After the header value is decoded, the decoded SAML response has to be unmarshalled. To do so, the decoded response is converted into an input byte stream, and the DOM element object is created from it.

ByteArrayInputStream inputStreams = new ByteArrayInputStream(base64DecodedResponse);
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
// The header is request data: reject DOCTYPE declarations so it cannot trigger external entity (XXE) processing
documentBuilderFactory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder();

Document document = docBuilder.parse(inputStreams);
Element element = document.getDocumentElement();

As the next step, the DOM element is unmarshalled.

UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(element);
XMLObject responseXmlObj = unmarshaller.unmarshall(element);

Finally, the XML object is cast to the SAML 2.0 Response message.

Response response = (Response) responseXmlObj;

Now the processing of the SAML response message is complete and the response is ready.

Below is the complete implementation of the SAML token processing sample.

import org.opensaml.Configuration;
import org.opensaml.DefaultBootstrap;
import org.opensaml.common.SAMLException;
import org.opensaml.saml2.core.Response;
import org.opensaml.xml.ConfigurationException;
import org.opensaml.xml.XMLObject;
import org.opensaml.xml.io.Unmarshaller;
import org.opensaml.xml.io.UnmarshallerFactory;
import org.opensaml.xml.io.UnmarshallingException;
import org.opensaml.xml.util.Base64;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

import javax.servlet.http.HttpServletRequest;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.parsers.ParserConfigurationException;
import java.io.ByteArrayInputStream;


public class SAMLResponseManager {

    private static boolean bootStrapped = false;
    public static final String APPM_MGT_SAML2_RESPONSE = "AppMgtSAML2Response";

    public Response processSAMLResponse(HttpServletRequest request) throws Exception {

        //Reading AppMgtSAML2Response header value from the request
        String samlResponseHeader = request.getHeader(APPM_MGT_SAML2_RESPONSE);
        if (samlResponseHeader == null || samlResponseHeader.isEmpty()) {
            throw new SAMLException("Request does not carry the " + APPM_MGT_SAML2_RESPONSE + " header");
        }

        //Decoding the extracted encoded SAML Response
        byte[] base64DecodedResponse = Base64.decode(samlResponseHeader);
        if (base64DecodedResponse == null || base64DecodedResponse.length == 0) {
            throw new SAMLException("The " + APPM_MGT_SAML2_RESPONSE + " header did not decode to any data");
        }
        Response response = null;

        //Initializing Open SAML Library
        doBootstrap();

        try {
            //Converting the decoded SAML Response string into DOM object
            ByteArrayInputStream inputStreams = new ByteArrayInputStream(base64DecodedResponse);
            DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
            documentBuilderFactory.setNamespaceAware(true);
            //Rejecting DOCTYPE declarations so the header value cannot trigger external entity (XXE) processing
            documentBuilderFactory.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
            DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder();
            Document document = docBuilder.parse(inputStreams);
            Element element = document.getDocumentElement();

            //Unmarshalling the element
            UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
            Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(element);
            XMLObject responseXmlObj = unmarshaller.unmarshall(element);
            response = (Response) responseXmlObj;

        } catch (ParserConfigurationException e) {
            throw new SAMLException("Error while parsing the decoded SAML Response", e);
        } catch (UnmarshallingException e) {
            throw new SAMLException("Error while unmarshalling the decoded SAML Response", e);
        }
        return response;

    }

    //Synchronized so that concurrent requests do not bootstrap the library twice
    public static synchronized void doBootstrap() throws SAMLException {
        /* Initializing the OpenSAML library */
        if (!bootStrapped) {
            try {
                DefaultBootstrap.bootstrap();
                bootStrapped = true;
            } catch (ConfigurationException e) {
                throw new SAMLException("Error while bootstrapping OpenSAML library", e);
            }
        }
    }

}
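
The sample above stops once the Response object has been built from the header. The class below is an added example, not part of the WSO2 sample or the App Manager code base, showing the checks a backend would typically apply to that object before relying on it: status, identity provider signature, and validity window. The class and method names and the caller-supplied identity provider certificate are assumptions, and the example assumes the assertion is not encrypted.

```java
import org.joda.time.DateTime;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.Conditions;
import org.opensaml.saml2.core.Response;
import org.opensaml.saml2.core.StatusCode;
import org.opensaml.security.SAMLSignatureProfileValidator;
import org.opensaml.xml.security.x509.BasicX509Credential;
import org.opensaml.xml.signature.Signature;
import org.opensaml.xml.signature.SignatureValidator;
import org.opensaml.xml.validation.ValidationException;
import java.security.cert.X509Certificate;

// Hypothetical helper (added example); idpCert is the IdP signing certificate, supplied by the caller.
public class SAMLResponseVerifier {
    public String verifyAndGetSubject(Response response, X509Certificate idpCert)
            throws ValidationException {
        // 1. The IdP must report success.
        if (response.getStatus() == null || response.getStatus().getStatusCode() == null
                || !StatusCode.SUCCESS_URI.equals(response.getStatus().getStatusCode().getValue())) {
            throw new ValidationException("SAML response status is not Success");
        }
        if (response.getAssertions().size() != 1) {
            throw new ValidationException("Expected exactly one unencrypted assertion");
        }
        Assertion assertion = response.getAssertions().get(0);
        // 2. The assertion, or the response enclosing it, must carry a valid IdP signature.
        Signature signature = assertion.getSignature() != null
                ? assertion.getSignature() : response.getSignature();
        if (signature == null) {
            throw new ValidationException("Neither assertion nor response is signed");
        }
        BasicX509Credential credential = new BasicX509Credential();
        credential.setEntityCertificate(idpCert);
        new SAMLSignatureProfileValidator().validate(signature); // SAML signature profile conformance
        new SignatureValidator(credential).validate(signature);  // cryptographic verification

        // 3. The assertion must be inside its validity window.
        Conditions conditions = assertion.getConditions();
        DateTime now = new DateTime();
        if (conditions != null && ((conditions.getNotBefore() != null && now.isBefore(conditions.getNotBefore()))
                || (conditions.getNotOnOrAfter() != null && !now.isBefore(conditions.getNotOnOrAfter())))) {
            throw new ValidationException("Assertion is outside its validity window");
        }
        if (assertion.getSubject() == null || assertion.getSubject().getNameID() == null) {
            throw new ValidationException("Assertion has no NameID subject");
        }
        return assertion.getSubject().getNameID().getValue();
    }
}
```

The method takes the Response returned by processSAMLResponse; it does not allow for clock skew between the identity provider and the backend.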

 

 

 
