Get assertion values

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Get assertion values

epleisman

All,

 

I want to get the values from an IdP SAML2 assertion.

I have written a custom SAML2ServiceProviderAdapter in java.

Can anyone let me know in which method I would get the assertions and how?

I want to be able to get an asserted username and check against a JDBC compliant DB if that username exists.

 

Thanks!

 


Edward P. Leisman

Software Development Manager, Predictive Solutions
__________________________

Description: Description: Description: logo

An Industrial Scientific Company

 

“We save lives by predicting workplace injuries"

 

1 Life Way

Pittsburgh, PA 15205

United States

Office:

+1 800-338-3287 (x1642)

Direct:

+1 412-788-0400 (x1642)

Email:

[hidden email]

Web:

http://www.predictivesolutions.com

 

 


_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
[hidden email]
https://lists.forgerock.org/mailman/listinfo/openam
Reply | Threaded
Open this post in threaded view
|

Re: Get assertion values

Andy Cory
Hi Edward

In your SAML2ServiceProviderAdapter, override the postSingleSignOnSuccess method; one of the objects passed in is a ‘Response’, which represents the SAMLResponse from the IdP. Assuming the most common case in which there is only one assertion in your response, you can use code similar to this to get the NameID of the assertion subject as a string.

        List assertions = ssoResponse.getAssertion();
        for (Object assertion : assertions) {
            Assertion assertion1 = (Assertion) assertion;
            String nameId = assertion1.getSubject().getNameID().getValue();
        }

Regards,
Andy

From: <[hidden email]> on behalf of "Leisman, Edward" <[hidden email]>
Reply-To: Users <[hidden email]>
Date: Wednesday, 23 March 2016 at 17:03
To: "[hidden email]" <[hidden email]>
Subject: [OpenAM] Get assertion values

All,

 

I want to get the values from an IdP SAML2 assertion.

I have written a custom SAML2ServiceProviderAdapter in java.

Can anyone let me know in which method I would get the assertions and how?

I want to be able to get an asserted username and check against a JDBC compliant DB if that username exists.

 

Thanks!

 


Edward P. Leisman

Software Development Manager, Predictive Solutions
__________________________

Description: Description: Description: logo

An Industrial Scientific Company

 

“We save lives by predicting workplace injuries"

 

1 Life Way

Pittsburgh, PA 15205

United States

Office:

+1 800-338-3287 (x1642)

Direct:

+1 412-788-0400 (x1642)

Email:

[hidden email]

Web:

http://www.predictivesolutions.com

 

 





This email has been scanned for all viruses.

Please consider the environment before printing this email.

The content of this email and any attachment is private and may be privileged. If you are not the intended recipient, any use, disclosure, copying or forwarding of this email and/or its attachments is unauthorised. If you have received this email in error please notify the sender by email and delete this message and any attachments immediately. Nothing in this email shall bind the Company or any of its subsidiaries or businesses in any contract or obligation, unless we have specifically agreed to be bound.

KCOM Group PLC is a public limited company incorporated in England and Wales, company number 02150618 and whose registered office is at 37 Carr Lane, Hull, HU1 3RE.


_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
[hidden email]
https://lists.forgerock.org/mailman/listinfo/openam
Reply | Threaded
Open this post in threaded view
|

Re: Get assertion values

epleisman

What if I want to get other values asserted, like uid, email, telephone (for example)?

 


Edward P. Leisman

Software Development Manager, Predictive Solutions
__________________________

Description: Description: Description: logo

An Industrial Scientific Company

 

“We save lives by predicting workplace injuries"

 

1 Life Way

Pittsburgh, PA 15205

United States

Office:

+1 800-338-3287 (x1642)

Direct:

+1 412-788-0400 (x1642)

Email:

[hidden email]

Web:

http://www.predictivesolutions.com

 

 

From: [hidden email] [mailto:[hidden email]] On Behalf Of Andy Cory
Sent: Wednesday, March 23, 2016 7:34 PM
To: Users <[hidden email]>
Subject: [EXTERNAL] Re: [OpenAM] Get assertion values

 

Hi Edward

 

In your SAML2ServiceProviderAdapter, override the postSingleSignOnSuccess method; one of the objects passed in is a ‘Response’, which represents the SAMLResponse from the IdP. Assuming the most common case in which there is only one assertion in your response, you can use code similar to this to get the NameID of the assertion subject as a string.

 

        List assertions = ssoResponse.getAssertion();

        for (Object assertion : assertions) {

            Assertion assertion1 = (Assertion) assertion;

            String nameId = assertion1.getSubject().getNameID().getValue();

        }

 

Regards,

Andy

 

From: <[hidden email]> on behalf of "Leisman, Edward" <[hidden email]>
Reply-To: Users <[hidden email]>
Date: Wednesday, 23 March 2016 at 17:03
To: "[hidden email]" <[hidden email]>
Subject: [OpenAM] Get assertion values

 

All,

 

I want to get the values from an IdP SAML2 assertion.

I have written a custom SAML2ServiceProviderAdapter in java.

Can anyone let me know in which method I would get the assertions and how?

I want to be able to get an asserted username and check against a JDBC compliant DB if that username exists.

 

Thanks!

 


Edward P. Leisman

Software Development Manager, Predictive Solutions
__________________________

Description: Description: Description: logo

An Industrial Scientific Company

 

“We save lives by predicting workplace injuries"

 

1 Life Way

Pittsburgh, PA 15205

United States

Office:

+1 800-338-3287 (x1642)

Direct:

+1 412-788-0400 (x1642)

Email:

[hidden email]

Web:

http://www.predictivesolutions.com

 

 





This email has been scanned for all viruses.

Please consider the environment before printing this email.

The content of this email and any attachment is private and may be privileged. If you are not the intended recipient, any use, disclosure, copying or forwarding of this email and/or its attachments is unauthorised. If you have received this email in error please notify the sender by email and delete this message and any attachments immediately. Nothing in this email shall bind the Company or any of its subsidiaries or businesses in any contract or obligation, unless we have specifically agreed to be bound.

KCOM Group PLC is a public limited company incorporated in England and Wales, company number 02150618 and whose registered office is at 37 Carr Lane, Hull, HU1 3RE.


_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
[hidden email]
https://lists.forgerock.org/mailman/listinfo/openam
Reply | Threaded
Open this post in threaded view
|

Re: Get assertion values

Bernhard Thalmayr
Am 24/03/16 um 15:07 schrieb Leisman, Edward:
> What if I want to get other values asserted, like uid, email, telephone
> (for example)?

Get the statements
(https://backstage.forgerock.com/static/docs/openam/13/apidocs/src-html/com/sun/identity/saml/assertion/AssertionBase.html#line.864)
and iterate over them. You are looking for 'AttributeStatements'.

-Bernhard

>
>  
>
>
> *Edward P. Leisman***
>
> Software Development Manager, Predictive Solutions
> __________________________
>
> *Description: Description: Description: logo*
>
>
>
> *An Industrial Scientific Company*
>
> * *
>
> “We save lives by predicting workplace injuries"
>
>  
>
> 1 Life Way
>
> Pittsburgh, PA 15205
>
> United States
>
> Office:
>
>
>
> +1 800-338-3287 (x1642)
>
> Direct:
>
>
>
> +1 412-788-0400 (x1642)
>
> Email:
>
>
>
> [hidden email] <mailto:[hidden email]>
>
> Web:
>
>
>
> http://www.predictivesolutions.com
>
>  
>
>  
>
> *From:* [hidden email]
> [mailto:[hidden email]] *On Behalf Of *Andy Cory
> *Sent:* Wednesday, March 23, 2016 7:34 PM
> *To:* Users <[hidden email]>
> *Subject:* [EXTERNAL] Re: [OpenAM] Get assertion values
>
>  
>
> Hi Edward
>
>  
>
> In your SAML2ServiceProviderAdapter, override the
> postSingleSignOnSuccess method; one of the objects passed in is a
> ‘Response’, which represents the SAMLResponse from the IdP. Assuming the
> most common case in which there is only one assertion in your response,
> you can use code similar to this to get the NameID of the assertion
> subject as a string.
>
>  
>
>         List assertions = ssoResponse.getAssertion();
>
>         for (Object assertion : assertions) {
>
>             Assertion assertion1 = (Assertion) assertion;
>
>             String nameId = assertion1.getSubject().getNameID().getValue();
>
>         }
>
>  
>
> Regards,
>
> Andy
>
>  
>
> *From: *<[hidden email]
> <mailto:[hidden email]>> on behalf of "Leisman, Edward"
> <[hidden email] <mailto:[hidden email]>>
> *Reply-To: *Users <[hidden email] <mailto:[hidden email]>>
> *Date: *Wednesday, 23 March 2016 at 17:03
> *To: *"[hidden email] <mailto:[hidden email]>"
> <[hidden email] <mailto:[hidden email]>>
> *Subject: *[OpenAM] Get assertion values
>
>  
>
> All,
>
>  
>
> I want to get the values from an IdP SAML2 assertion.
>
> I have written a custom SAML2ServiceProviderAdapter in java.
>
> Can anyone let me know in which method I would get the assertions and how?
>
> I want to be able to get an asserted username and check against a JDBC
> compliant DB if that username exists.
>
>  
>
> Thanks!
>
>  
>
>
> *Edward P. Leisman*
>
> Software Development Manager, Predictive Solutions
> __________________________
>
> *Description: Description: Description: logo*
>
>
>
> *An Industrial Scientific Company*
>
> * *
>
> “We save lives by predicting workplace injuries"
>
>  
>
> 1 Life Way
>
> Pittsburgh, PA 15205
>
> United States
>
> Office:
>
>
>
> +1 800-338-3287 (x1642)
>
> Direct:
>
>
>
> +1 412-788-0400 (x1642)
>
> Email:
>
>
>
> [hidden email] <mailto:[hidden email]>
>
> Web:
>
>
>
> http://www.predictivesolutions.com
>
>  
>
>  
>
>
>
>
>
> This email has been scanned for all viruses.
>
> Please consider the environment before printing this email.
>
> The content of this email and any attachment is private and may be
> privileged. If you are not the intended recipient, any use, disclosure,
> copying or forwarding of this email and/or its attachments is
> unauthorised. If you have received this email in error please notify the
> sender by email and delete this message and any attachments immediately.
> Nothing in this email shall bind the Company or any of its subsidiaries
> or businesses in any contract or obligation, unless we have specifically
> agreed to be bound.
>
> KCOM Group PLC is a public limited company incorporated in England and
> Wales, company number 02150618 and whose registered office is at 37 Carr
> Lane, Hull, HU1 3RE.
>
>
>
> _______________________________________________
> Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
> OpenAM mailing list
> [hidden email]
> https://lists.forgerock.org/mailman/listinfo/openam
>


--
Painstaking Minds
IT-Consulting Bernhard Thalmayr
Herxheimer Str. 5, 83620 Vagen (Munich area), Germany
Tel: +49 (0)8062 7769174
Mobile: +49 (0)176 55060699

[hidden email] - Solution Architect
http://www.xing.com/profile/Bernhard_Thalmayr
http://de.linkedin.com/in/bernhardthalmayr

This e-mail may contain confidential and/or privileged information.If
you are not the intended recipient (or have received this email in
error) please notify the sender immediately and delete this e-mail. Any
unauthorized copying, disclosure or distribution of the material in this
e-mail is strictly forbidden.
_______________________________________________
Visit the OpenAM forum at https://forgerock.org/forum/fr-projects/openam/
OpenAM mailing list
[hidden email]
https://lists.forgerock.org/mailman/listinfo/openam