When hitting a producer web service with the following SOAP request I get a "invalid security header" message returned. When my test case with Oracle JDK 7, which uses JAX-WS RI 2.2.4-b01, it works fine.
I have to use WSS4j 1.6.0 and IBM JDK 6 as I am on Websphere -- I think the problem is with JAX-WS RI 2.1.6 that comes with IBM JDK 6.
I am trying to get my InclusiveNamspaces to look as follows without the "ec" prefix, as I notice this is one of the things different in the XML request shown below.
<S:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
S:mustUnderstand="1">
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
Id="SIG-A45B0A5E750A47B9AE6EC49A362DB055">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#TS-1">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"
PrefixList="wsse S urn urn1" />
But instead it is coming out with the "ec" prefix
<ec:InclusiveNamespaces PrefixList="wsse S urn urn1" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" />
I have tried this in my code but it does not remove it. Any ideas?
org.apache.xml.security.Init.init();
org.apache.xml.security.utils.ElementProxy.setDefaultPrefix("http://www.w3.org/2001/10/xml-exc-c14n#", "");
Here is a request that works when using Oracle JDK 7, notice that it is using JAX-WS RI 2.2.4-b01
POST /airp/aca/a2a/1095BC_Transmission_AATS2016 HTTP/1.1
Accept: text/xml, multipart/related
Content-Type: multipart/related;start="
<rootpart * d2bbd41-479c-4851-b6fb-5de42ba6573f #
example.jaxws.sun.com>
";type="application/xop+xml";boundary="uuid:6d2bbd41-479c-4851-b6fb-5de42ba6573f";start-info="text/xml"
SOAPAction: "BulkRequestTransmitter"
User-Agent: JAX-WS RI 2.2.4-b01
Host: la.www4.irs.gov
Connection: keep-alive
Content-Length: 325083
--uuid:6d2bbd41-479c-4851-b6fb-5de42ba6573f
Content-Id:
<rootpart * d2bbd41-479c-4851-b6fb-5de42ba6573f #
example.jaxws.sun.com>
Content-Type: application/xop+xml;charset=utf-8;type="text/xml"
Content-Transfer-Encoding: binary
<?xml version="1.0" ?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:urn="urn:us:gov:treasury:irs:ext:aca:air:7.0" xmlns:urn1="urn:us:gov:treasury:irs:common">
<S:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
S:mustUnderstand="1">
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
Id="SIG-DEE23B9A923D4A3CA3211DF2A3CD881A">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"></ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
<ds:Reference URI="#TS-1">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"
PrefixList="wsse S urn urn1"></InclusiveNamespaces>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>removed=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-4A79A4500D834A1688F0255D34F4B90A">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"
PrefixList="S urn1"></InclusiveNamespaces>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>removed=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-1447A9BC79B048418D358EF9F861A302">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"
PrefixList="S urn urn1"></InclusiveNamespaces>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>removed=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>removed==</ds:SignatureValue>
<ds:KeyInfo Id="KI-F84482F8FD684AF9811FCEA580F9FF93">
<wsse:SecurityTokenReference
wsu:Id="STR-71DE006212BB4C9FA21F3F59F79737CA">
<wsse:KeyIdentifier
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">removed</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
<wsu:Timestamp wsu:Id="TS-1">
<wsu:Created>2016-01-08T23:00:48.578Z</wsu:Created>
<wsu:Expires>2016-01-09T00:00:48.578Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
Here is the request using IBM JDK 6 that has JAX-WS 2.1 -- the only difference I can see is that it uses "ec" prefix and expressly states it's UTF-8
POST /airp/aca/a2a/1095BC_Transmission_AATS2016 HTTP/1.1
Soapaction:
"BulkRequestTransmitter"
Accept: text/xml, multipart/related, text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Content-type:
multipart/related;start="
<rootpart * e-488d-80b8-4a137e7cb54e # example.jaxws.sun.com>
";type="application/xop+xml";boundary="uuid:94066996-016e-488d-80b8-4a137e7cb54e";start-info="text/xml"
User-Agent: JAX-WS RI 2.1.6 in JDK 6
Host: la.www4.irs.gov
Connection: keep-alive
Content-Length: 325122
--uuid:94066996-016e-488d-80b8-4a137e7cb54e
Content-Id:
<rootpart * e-488d-80b8-4a137e7cb54e # example.jaxws.sun.com>
Content-Type: application/xop+xml;charset=utf-8;type="text/xml"
Content-Transfer-Encoding: binary
<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:urn="urn:us:gov:treasury:irs:ext:aca:air:7.0" xmlns:urn1="urn:us:gov:treasury:irs:common">
<S:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
S:mustUnderstand="1">
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
Id="SIG-2533902FF05A4C3EAD4DF4394DDC7232">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"></ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
<ds:Reference URI="#TS-1">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
PrefixList="wsse S urn urn1"></ec:InclusiveNamespaces>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>removed=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-7E93AD40DB804D8D9241DE569606EC96">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
PrefixList="S urn1"></ec:InclusiveNamespaces>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>removed=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-2F77BCB77A484ABAB2FF110E580E2DD3">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
PrefixList="S urn urn1"></ec:InclusiveNamespaces>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>removed=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>removed==</ds:SignatureValue>
<ds:KeyInfo Id="KI-7A496D73BB5342EAA06616B8AF4FDCB0">
<wsse:SecurityTokenReference
wsu:Id="STR-BF7E3246416240B5B45DA733BC718073">
<wsse:KeyIdentifier
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">removed</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
<wsu:Timestamp wsu:Id="TS-1">
<wsu:Created>2016-01-08T23:04:33.001Z</wsu:Created>
<wsu:Expires>2016-01-09T00:04:33.001Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
Related
I need to envelope xml in soap message, digest data from original xml and sign it. Actual algorithm of signing or digesting does not matter for now.
Example of original xml:
<TransferMsg>
<Data>Super Important Data</Data>
</TransferMsg>
Final result must be something like that:
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soap:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId">MIIIRzCCB/agAwIBAgIKSchnBgAAAAGKvDAIBgYqhQMCAgMwggFOMRgwFgYFKoUDZAESDTEwMjc3MDcwMTM4MDYxGjAYBggqhQMDgQMBARIMMDA3NzA3MzE0MDI5MTwwOgYDVQQJDDPQkS7QodGD0YXQsNGA0LXQstGB0LrQuNC5INC/0LXRgCzQtDExLNGB0YLRgDEs0L7RhDYxIzAhBgkqhkiG9w0BCQEWFGUtbW9za3ZhQGUtbW9za3ZhLnJ1MQswCQYDVQQGEwJSVTEcMBoGA1UECAwTNzcg0LMuINCc0L7RgdC60LLQsDEVMBMGA1UEBwwM0JzQvtGB0LrQstCwMTUwMwYDVQQKDCzQntCQ0J4gItCt0LvQtd=</wsse:BinarySecurityToken>
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411"/>
</ds:SignedInfo>
<ds:SignatureValue>vnjz04yWa7DbRtC5vJAt/tsCR5m31i3e8FMxG2eOIo4DtsGhm1FgZ8wKLEEzvbYuolrosc2OKkFafqJinsTWsg==</SignatureValue>
<ds:KeyInfo>
<wsse:SecurityTokenReference>
<wsse:Reference URI="#CertId" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</Signature>
</wsse:Security>
</soap:Header>
<soap:Body wsu:Id="body">
<soap:TransferMsg>
<soap:DataToDigest>Super Important Data</soap:DataToDigest>
</soap:TransferMsg>
</soap:Body>
</soap:Envelope>
Right now I'm using signer builtin sign! and digest! methods like this:
require 'openssl'
require 'signer'
class MySigner
def initialize
#soap_envelope = File.open('./data/soap_envelope.xml') { |f| Nokogiri::XML(f) }
end
def sign(xml_to_sign)
signer = Signer.new(put_in_envelope(xml_to_sign))
signer.cert = OpenSSL::X509::Certificate.new(File.read("./data/cert.pem"))
signer.private_key = OpenSSL::PKey.read(File.read("./data/key.pem"), "PASSWORD")
signer.security_token_id = 'CertId'
namespaces = {
'soap' => 'http://schemas.xmlsoap.org/soap/envelope/',
'ds' => 'http://www.w3.org/2000/09/xmldsig#'
}
# Digest soap:Body tag
signer.document.xpath('//TransferMsg', namespaces).each do |node|
signer.digest!(node, id: 'body')
end
# Sign document itself
signer.sign!(security_token: true, enveloped: true)
signer.to_xml
end
def put_in_envelope(xml)
xml_object = Nokogiri::XML(xml)
valuable_data = xml_object.xpath('/TransferMsg').to_s
#soap_envelope.xpath('//soap:Body').children.first.add_next_sibling(valuable_data)
#soap_envelope
end
end
soap_envelope.xml:
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<soap:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
</wsse:Security>
</soap:Header>
<soap:Body wsu:Id="body">
</soap:Body>
</soap:Envelope>
But resulted code has <Signature xmlns='http://www.w3.org/2000/09/xmldsig#'> instead of <ds:Signature>:
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soap:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId">MIIIRzCCB/agAwIBAgIKSchnBgAAAAGKvDAIBgYqhQMCAgMwggFOMRgwFgYFKoUDZAESDTEwMjc3MDcwMTM4MDYxGjAYBggqhQMDgQMBARIMMDA3NzA3MzE0MDI5MTwwOgYDVQQJDDPQkS7QodGD0YXQsNGA0LXQstGB0LrQuNC5INC/0LXRgCzQtDExLNGB0YLRgDEs0L7RhDYxIzAhBgkqhkiG9w0BCQEWFGUtbW9za3ZhQGUtbW9za3ZhLnJ1MQswCQYDVQQGEwJSVTEcMBoGA1UECAwTNzcg0LMuINCc0L7RgdC60LLQsDEVMBMGA1UEBwwM0JzQvtGB0LrQstCwMTUwMwYDVQQKDCzQntCQ0J4gItCt0LvQtd=</wsse:BinarySecurityToken>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#gostr34102001-gostr3411"/>
</SignedInfo>
<SignatureValue>vnjz04yWa7DbRtC5vJAt/tsCR5m31i3e8FMxG2eOIo4DtsGhm1FgZ8wKLEEzvbYuolrosc2OKkFafqJinsTWsg==</SignatureValue>
<KeyInfo>
<wsse:SecurityTokenReference>
<wsse:Reference URI="#CertId" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</KeyInfo>
</Signature>
</wsse:Security>
</soap:Header>
<soap:Body wsu:Id="body">
<soap:TransferMsg>
<soap:DataToDigest>Super Important Data</soap:DataToDigest>
</soap:TransferMsg>
</soap:Body>
</soap:Envelope>
Of course I can manually change Signature node namespace and remove xmlns with nokogiri, but I prefer more automatic way to do it. Am I missing something in the docs?
I have question about how to extract the SAML Response in jmeter, i follow these steps but it's not succeed and i don't know where is the problem :
- when i have the login Page, i send post request to the Idp provider to authenticate me (i give him, username and password), after that i will get SAML Response like this :
PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIENvbnNlbnQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjb25zZW50Om9idGFpbmVkIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9hc2Z2Mi1zYXJhaC1kZXYuY2ZhcHBzLnJlbmF1bHQuZnIvc2FtbCIgSUQ9ImlkYWVnaTQtT2ZVcHQzdDZNZVd2RmhVNG92TmZNIiBJblJlc3BvbnNlVG89IklEXzNjNjJkYzZhLTI5N2YtNDM2MS1iYTg3LWIxZjZmMWJmYTUzYSIgSXNzdWVJbnN0YW50PSIyMDE2LTA0LTI1VDExOjMzOjEwWiIgVmVyc2lvbj0iMi4wIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly92aXJ0dWFsODcyLmxhYnRlY2gucGxzLnJlbmF1bHQuZnI6ODQ0My9uaWRwL3NhbWwyL21ldGFkYXRhPC9zYW1sOklzc3Vlcj48c2FtbHA6U3RhdHVzPjxzYW1scDpTdGF0dXNDb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVzOlN1Y2Nlc3MiLz48L3NhbWxwOlN0YXR1cz48c2FtbDpBc3NlcnRpb24gSUQ9Imlkb0VBYWlPSnJ1RDBsdkFGdmNQR1R4QTRHWlY4IiBJc3N1ZUluc3RhbnQ9IjIwMTYtMDQtMjVUMTE6MzM6MTFaIiBWZXJzaW9uPSIyLjAiPjxzYW1sOklzc3Vlcj5odHRwczovL3ZpcnR1YWw4NzIubGFidGVjaC5wbHMucmVuYXVsdC5mcjo4NDQzL25pZHAvc2FtbDIvbWV0YWRhdGE8L3NhbWw6SXNzdWVyPjxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPgo8ZHM6U2lnbmVkSW5mbz4KPGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4KPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNyc2Etc2hhMSIvPgo8ZHM6UmVmZXJlbmNlIFVSST0iI2lkb0VBYWlPSnJ1RDBsdkFGdmNQR1R4QTRHWlY4Ij4KPGRzOlRyYW5zZm9ybXM+CjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjZW52ZWxvcGVkLXNpZ25hdHVyZSIvPgo8ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CjwvZHM6VHJhbnNmb3Jtcz4KPGRzOkRpZ2VzdE1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNzaGExIi8+CjxkczpEaWdlc3RWYWx1ZT5KQ1oxNjVkU2NFeEpJUVJKMUcvV2NCR3Jjcmc9PC9kczpEaWdlc3RWYWx1ZT4KPC9kczpSZWZlcmVuY2U+CjwvZHM6U2lnbmVkSW5mbz4KPGRzOlNpZ25hdHVyZVZhbHVlPgp2Um1VTDhKSDR6YlUrbk13YjlPdVZKRllBY2hvZGtlMkUzSEp6cGJhUUJ3dkZHM2Z6Vk1leVdzbWdpWllPRkcwUjlOKyt5Wm9kMGdpCjZTRWFuQkVGVU1aTnJUNVlSYUV5UjZZN042SnA1VkhTMC9ZVWNqdWp0N0xIT2loRWdIWTdnZU5NR3E5eU5GSDM3YUZINlUzeGZQNDIKcWZ1RkFQSGd3Y0x3QmoxUGdUd0ltNUZTMDVJOHAvdlVCYkdiM1JUalpsbW90RHZmWHFIcmVsUHN3Nm5pUEVpNkk3U043S050VlpVcwp0QTRiUmdUY3VmZ0tNRVZVaHdWK1p2SUpEZlNWMVpnYnVVcDlHelJ4dFViSm5rTlBvYjlpdDR6NUx4UUxBUnRaK2gvWHhMSmU0a0hxClZhQ1VkNGFaUUdTaWtHdWpFclBWVUl4S1FwR0p6ZE9FVEtVUzlRPT0KPC9kczpTaWduYXR1cmVWYWx1ZT4KPGRzOktleUluZm8+CjxkczpYNTA5RGF0YT4KPGRzOlg1MDlDZXJ0aWZpY2F0ZT4KTUlJRldUQ0NCRUdnQXdJQkFnSUNBZzR3RFFZSktvWklodmNOQVFFRkJRQXdSVEVRTUE0R0ExVUVDZ3dIVW1WdVlYVnNkREV4TUM4RwpBMVVFQXd3b1EyeGhjM01nTVNCQmRYUm9aVzUwYVdOaGRHbHZiaUJRY21VZ1VISnZaSFZqZEdsdmJpQkRRVEFlRncweE5UQTNNREl4Ck5UUXpNRFJhRncweU5ERXhNVFl4TURVd01qQmFNRXN4RURBT0JnTlZCQW9NQjFKbGJtRjFiSFF4Q3pBSkJnTlZCQVlUQWtaU01Tb3cKS0FZRFZRUUREQ0YyYVhKMGRXRnNPRGN5TG14aFluUmxZMmd1Y0d4ekxuSmxibUYxYkhRdVpuSXdnZ0VpTUEwR0NTcUdTSWIzRFFFQgpBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRRFp0NEdDWlVlOHN6dUszaU0vQzBTN3VkWlU2NWtlajNQaWk5QnYySUgvaHRQTFRnRGd4WC9iCldMd1VmQ1RSSjQ4SWxkc01lWWpLcVBlUkF2TnI5RHIvSFhmSEVHNHNTb3BqSXcwYTArR1JRcnd2eWNUbHgwYk40MENEbEVRemFSeE8KYXdqZjVZVVhnQ3V2ZFk5OEYxdndwcjFvOGQ0aDNWUTBqVVdDUVpwZEhNTnozRnF4c0N3cFd6ODlKVGpzN2Q3ay9UOXNrZ2ZQcGM0UgpCWGhOTlYwRHFUNHBTTEZCWmlqc05IZ1NwR3NaMTArN1BBZDNOUXlBUmJ5cy9OdGhyUjNWTDdITFRKN1hjZEptU0NKWWYvM3h0Q2tsClhWcm1CWkMwZVZHVzJPNkF1OVBhRzRFZkZ2L3dwTHVjNWQxZHBCRVpGZnFtOEcxY0dQRjhGT2tPeFJuL0FnTUJBQUdqZ2dKTE1JSUMKUnpBZEJnTlZIUTRFRmdRVWNOOWF5NVRBNUtlNlo3Y2xUTXlBSFlwTkh2RXdId1lEVlIwakJCZ3dGb0FVbzdkc3BpTVZ0T2psdC85RQpQcTgvUkhVRnoza3dnZXdHQTFVZElBU0I1RENCNFRDQjNnWUtLd1lCQkFHcUVRUVFBVENCenpCdkJnZ3JCZ0VGQlFjQ0FSWmphSFIwCmNEb3ZMMk55YkM1eVpXNWhkV3gwTG1aeUwwTmxjblJwWm1sallYUnBiMjVRYjJ4cFkybGxjeTlTWlc1aGRXeDBTVzUwWlhKdVlXd3YKUTJ4aGMzTXhRWFYwYUdWdWRHbGpZWFJwYjI1UWNtVlFjbTlrZFdOMGFXOXVRMEV1Y0dSbU1Gd0dDQ3NHQVFVRkJ3SUNNRkFhVGxKbApibUYxYkhRZ1NXNTBaWEp1WVd3Z1EyeGhjM01nTVNCQmRYUm9aVzUwYVdOaGRHbHZiaUJRY21VZ1VISnZaSFZqZEdsdmJpQkRRU0JEClpYSjBhV1pwWTJGMGFXOXVJRkJ2YkdsamVUQVJCZ2xnaGtnQmh2aENBUUVFQkFNQ0JzQXdIUVlEVlIwbEJCWXdGQVlJS3dZQkJRVUgKQXdJR0NDc0dBUVVGQndNQk1BNEdBMVVkRHdFQi93UUVBd0lGNERBbEJnTlZIUkVFSGpBY2dScGthV1JwWlhJdWNtOXRaV3h2ZEVCeQpaVzVoZFd4MExtTnZiVEJZQmdOVkhSOEVVVEJQTUUyZ1M2Qkpoa2RvZEhSd09pOHZZM0pzTG5KbGJtRjFiSFF1Wm5JdlExSk1MMUpsCmJtRjFiSFJKYm5SbGNtNWhiQzlEYkdGemN6RkJkWFJvVUhKbFVISnZaSFZqZEdsdmJrTkJMbU55YkRCVEJnZ3JCZ0VGQlFjQkFRUkgKTUVVd1F3WUlLd1lCQlFVSE1BR0dOMmgwZEhBNkx5OWpjbXd1Y21WdVlYVnNkQzVtY2k5dlkzTndMMUpsYm1GMWJIUkpiblJsY201aApiRkJ5WlZCeWIyUjFZM1JwYjI0d0RRWUpLb1pJaHZjTkFRRUZCUUFEZ2dFQkFFMURjcFdWblZONWJ2WkJxRmtqVVYxelFpb1UveUUwCkY2WVZPbjhOR3Z1bDNkZ1VJbnBEQXU1MjhDR1UzbWY0V2t3eWcvQWNpY3Z1SytqYmY2U056dW9xY0NEamJxYTZXYUtGREhNZ2oxVkQKR3JmWUJ3L1dkZE5HL3Q4RE5jYUpibXZXNjhGMVcwTkwxRHdWRGdmQVErcFdkL3M2NGZGc3NtOHJkWWtmOUt3ekxQWEtZSW43NFlicgorRmYreGZUWGVVNGFYa1A1N1ozSWNlb0hWdmdYbWNCeUpBM2phWStNdCtjNEF0MHNEZ2Njb3pFSzJYTlh0TjMwdHMwczJieGNVL05DCjdVUkZKTjBGTzZ4RzdZb0gyYmEzSXRKVXpReWRzNGZ4V1QxWjk3Z2hweDRkejljOXV3MHhiQlhocFZ0QlZ2bjlvTDlCUDR1R2NMWmEKWnZlTHlJTT0KPC9kczpYNTA5Q2VydGlmaWNhdGU+CjwvZHM6WDUwOURhdGE+CjwvZHM6S2V5SW5mbz4KPC9kczpTaWduYXR1cmU+PHNhbWw6U3ViamVjdD48c2FtbDpOYW1lSUQgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDp1bnNwZWNpZmllZCIgTmFtZVF1YWxpZmllcj0iaHR0cHM6Ly92aXJ0dWFsODcyLmxhYnRlY2gucGxzLnJlbmF1bHQuZnI6ODQ0My9uaWRwL3NhbWwyL21ldGFkYXRhIiBTUE5hbWVRdWFsaWZpZXI9Imh0dHBzOi8vYXNmdjItc2FyYWgtZGV2LmNmYXBwcy5yZW5hdWx0LmZyIj5wMDgwMTQ1PC9zYW1sOk5hbWVJRD48c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgSW5SZXNwb25zZVRvPSJJRF8zYzYyZGM2YS0yOTdmLTQzNjEtYmE4Ny1iMWY2ZjFiZmE1M2EiIE5vdE9uT3JBZnRlcj0iMjAxNi0wNC0yNVQxMjozMzoxMFoiIFJlY2lwaWVudD0iaHR0cHM6Ly9hc2Z2Mi1zYXJhaC1kZXYuY2ZhcHBzLnJlbmF1bHQuZnIvc2FtbCIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDE2LTA0LTI1VDExOjI4OjExWiIgTm90T25PckFmdGVyPSIyMDE2LTA0LTI1VDExOjM4OjExWiI+PHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48c2FtbDpBdWRpZW5jZT5odHRwczovL2FzZnYyLXNhcmFoLWRldi5jZmFwcHMucmVuYXVsdC5mcjwvc2FtbDpBdWRpZW5jZT48L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48L3NhbWw6Q29uZGl0aW9ucz48c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTYtMDQtMjVUMTE6MzM6MTBaIiBTZXNzaW9uSW5kZXg9Imlkb0VBYWlPSnJ1RDBsdkFGdmNQR1R4QTRHWlY4Ij48c2FtbDpBdXRobkNvbnRleHQ+PHNhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmQ8L3NhbWw6QXV0aG5Db250ZXh0Q2xhc3NSZWY+PHNhbWw6QXV0aG5Db250ZXh0RGVjbFJlZj5zZWN1cmUvbmFtZS9wYXNzd29yZC91cmk8L3NhbWw6QXV0aG5Db250ZXh0RGVjbFJlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgTmFtZT0idWlkIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OmJhc2ljIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5wMDgwMTQ1PC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgTmFtZT0icHJlZmVycmVkTGFuZ3VhZ2UiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6dW5zcGVjaWZpZWQiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPkZSPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgTmFtZT0ibWFpbCIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDpiYXNpYyI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+c2FyYWguaGFkYmlAcmVuYXVsdC5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIiBOYW1lPSJnaXZlbk5hbWUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6dW5zcGVjaWZpZWQiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPlNhcmFoPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgTmFtZT0ic24iIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPkhhZGJpPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgTmFtZT0iY24iIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPkhBREJJIFNhcmFoPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PHNhbWw6QXR0cmlidXRlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgTmFtZT0icmVucGVyc29udHlwZSIgTmFtZUZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmF0dHJuYW1lLWZvcm1hdDp1bnNwZWNpZmllZCI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyI+b3U9Y2F0U1RHUixvdT1QZXJzb25UeXBlcyxvdT1UZWNobmljYWxEYXRhLG89cmVuYXVsdDwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIE5hbWU9IlJvbGUxIiBOYW1lRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXR0cm5hbWUtZm9ybWF0OnVuc3BlY2lmaWVkIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIj5hZG1pbjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjxzYW1sOkF0dHJpYnV0ZSB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIE5hbWU9InJlbmNvc3RjZW50ZXIiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6dW5zcGVjaWZpZWQiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhzaTp0eXBlPSJ4czpzdHJpbmciPkFBNTA4MTU8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pjwvc2FtbDpBc3NlcnRpb24+PC9zYW1scDpSZXNwb25zZT4=
In jmeter i used: post regular expression extractor, i give him this regex to extract the SAMLResponse but it don't work :
name='SAMLResponse' value='([^"]+)'
If anyone can help me ?
This response is base64 encoded. You need to base64 decode this response. Save the response in a file, lets call it idpResponse.
If you have a linux shell run the command below to decode the response:
cat idpResponse | base64 -D
You contents are:
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
Consent="urn:oasis:names:tc:SAML:2.0:consent:obtained"
Destination="https://asfv2-sarah-dev.cfapps.renault.fr/saml"
ID="idaegi4-OfUpt3t6MeWvFhU4ovNfM"
InResponseTo="ID_3c62dc6a-297f-4361-ba87-b1f6f1bfa53a"
IssueInstant="2016-04-25T11:33:10Z" Version="2.0">
<saml:Issuer>
https://virtual872.labtech.pls.renault.fr:8443/nidp/saml2/metadata</saml:Issuer>
<samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
</samlp:Status>
<saml:Assertion ID="idoEAaiOJruD0lvAFvcPGTxA4GZV8"
IssueInstant="2016-04-25T11:33:11Z" Version="2.0">
<saml:Issuer>
https://virtual872.labtech.pls.renault.fr:8443/nidp/saml2/metadata</saml:Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#idoEAaiOJruD0lvAFvcPGTxA4GZV8">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>
JCZ165dScExJIQRJ1G/WcBGrcrg=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
vRmUL8JH4zbU+nMwb9OuVJFYAchodke2E3HJzpbaQBwvFG3fzVMeyWsmgiZYOFG0R9N++yZod0gi
6SEanBEFUMZNrT5YRaEyR6Y7N6Jp5VHS0/YUcjujt7LHOihEgHY7geNMGq9yNFH37aFH6U3xfP42
qfuFAPHgwcLwBj1PgTwIm5FS05I8p/vUBbGb3RTjZlmotDvfXqHrelPsw6niPEi6I7SN7KNtVZUs
tA4bRgTcufgKMEVUhwV+ZvIJDfSV1ZgbuUp9GzRxtUbJnkNPob9it4z5LxQLARtZ+h/XxLJe4kHq
VaCUd4aZQGSikGujErPVUIxKQpGJzdOETKUS9Q==</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIFWTCCBEGgAwIBAgICAg4wDQYJKoZIhvcNAQEFBQAwRTEQMA4GA1UECgwHUmVuYXVsdDExMC8G
A1UEAwwoQ2xhc3MgMSBBdXRoZW50aWNhdGlvbiBQcmUgUHJvZHVjdGlvbiBDQTAeFw0xNTA3MDIx
NTQzMDRaFw0yNDExMTYxMDUwMjBaMEsxEDAOBgNVBAoMB1JlbmF1bHQxCzAJBgNVBAYTAkZSMSow
KAYDVQQDDCF2aXJ0dWFsODcyLmxhYnRlY2gucGxzLnJlbmF1bHQuZnIwggEiMA0GCSqGSIb3DQEB
AQUAA4IBDwAwggEKAoIBAQDZt4GCZUe8szuK3iM/C0S7udZU65kej3Pii9Bv2IH/htPLTgDgxX/b
WLwUfCTRJ48IldsMeYjKqPeRAvNr9Dr/HXfHEG4sSopjIw0a0+GRQrwvycTlx0bN40CDlEQzaRxO
awjf5YUXgCuvdY98F1vwpr1o8d4h3VQ0jUWCQZpdHMNz3FqxsCwpWz89JTjs7d7k/T9skgfPpc4R
BXhNNV0DqT4pSLFBZijsNHgSpGsZ10+7PAd3NQyARbys/NthrR3VL7HLTJ7XcdJmSCJYf/3xtCkl
XVrmBZC0eVGW2O6Au9PaG4EfFv/wpLuc5d1dpBEZFfqm8G1cGPF8FOkOxRn/AgMBAAGjggJLMIIC
RzAdBgNVHQ4EFgQUcN9ay5TA5Ke6Z7clTMyAHYpNHvEwHwYDVR0jBBgwFoAUo7dspiMVtOjlt/9E
Pq8/RHUFz3kwgewGA1UdIASB5DCB4TCB3gYKKwYBBAGqEQQQATCBzzBvBggrBgEFBQcCARZjaHR0
cDovL2NybC5yZW5hdWx0LmZyL0NlcnRpZmljYXRpb25Qb2xpY2llcy9SZW5hdWx0SW50ZXJuYWwv
Q2xhc3MxQXV0aGVudGljYXRpb25QcmVQcm9kdWN0aW9uQ0EucGRmMFwGCCsGAQUFBwICMFAaTlJl
bmF1bHQgSW50ZXJuYWwgQ2xhc3MgMSBBdXRoZW50aWNhdGlvbiBQcmUgUHJvZHVjdGlvbiBDQSBD
ZXJ0aWZpY2F0aW9uIFBvbGljeTARBglghkgBhvhCAQEEBAMCBsAwHQYDVR0lBBYwFAYIKwYBBQUH
AwIGCCsGAQUFBwMBMA4GA1UdDwEB/wQEAwIF4DAlBgNVHREEHjAcgRpkaWRpZXIucm9tZWxvdEBy
ZW5hdWx0LmNvbTBYBgNVHR8EUTBPME2gS6BJhkdodHRwOi8vY3JsLnJlbmF1bHQuZnIvQ1JML1Jl
bmF1bHRJbnRlcm5hbC9DbGFzczFBdXRoUHJlUHJvZHVjdGlvbkNBLmNybDBTBggrBgEFBQcBAQRH
MEUwQwYIKwYBBQUHMAGGN2h0dHA6Ly9jcmwucmVuYXVsdC5mci9vY3NwL1JlbmF1bHRJbnRlcm5h
bFByZVByb2R1Y3Rpb24wDQYJKoZIhvcNAQEFBQADggEBAE1DcpWVnVN5bvZBqFkjUV1zQioU/yE0
F6YVOn8NGvul3dgUInpDAu528CGU3mf4Wkwyg/AcicvuK+jbf6SNzuoqcCDjbqa6WaKFDHMgj1VD
GrfYBw/WddNG/t8DNcaJbmvW68F1W0NL1DwVDgfAQ+pWd/s64fFssm8rdYkf9KwzLPXKYIn74Ybr
+Ff+xfTXeU4aXkP57Z3IceoHVvgXmcByJA3jaY+Mt+c4At0sDgccozEK2XNXtN30ts0s2bxcU/NC
7URFJN0FO6xG7YoH2ba3ItJUzQyds4fxWT1Z97ghpx4dz9c9uw0xbBXhpVtBVvn9oL9BP4uGcLZa
ZveLyIM=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
NameQualifier="https://virtual872.labtech.pls.renault.fr:8443/nidp/saml2/metadata"
SPNameQualifier="https://asfv2-sarah-dev.cfapps.renault.fr">
p080145</saml:NameID>
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml:SubjectConfirmationData InResponseTo="ID_3c62dc6a-297f-4361-ba87-b1f6f1bfa53a"
NotOnOrAfter="2016-04-25T12:33:10Z"
Recipient="https://asfv2-sarah-dev.cfapps.renault.fr/saml" />
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotBefore="2016-04-25T11:28:11Z"
NotOnOrAfter="2016-04-25T11:38:11Z">
<saml:AudienceRestriction>
<saml:Audience>
https://asfv2-sarah-dev.cfapps.renault.fr</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AuthnStatement AuthnInstant="2016-04-25T11:33:10Z"
SessionIndex="idoEAaiOJruD0lvAFvcPGTxA4GZV8">
<saml:AuthnContext>
<saml:AuthnContextClassRef>
urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
<saml:AuthnContextDeclRef>
secure/name/password/uri</saml:AuthnContextDeclRef>
</saml:AuthnContext>
</saml:AuthnStatement>
<saml:AttributeStatement>
<saml:Attribute xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Name="uid"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">
p080145</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Name="preferredLanguage"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<saml:AttributeValue xsi:type="xs:string">
FR</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Name="mail"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">
sarah.hadbi#renault.com</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Name="givenName"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<saml:AttributeValue xsi:type="xs:string">
Sarah</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Name="sn"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">
Hadbi</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Name="cn"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xsi:type="xs:string">HADBI
Sarah</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Name="renpersontype"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<saml:AttributeValue xsi:type="xs:string">
ou=catSTGR,ou=PersonTypes,ou=TechnicalData,o=renault</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Name="Role1"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<saml:AttributeValue xsi:type="xs:string">
admin</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Name="rencostcenter"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<saml:AttributeValue xsi:type="xs:string">
AA50815</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
</saml:Assertion>
</samlp:Response>
Your regex, name='SAMLResponse' value='([^"]+)' mixes quote types: ' and ". Your matching group matches "anything that isn't a " one or more times, and then a ' afterwards. I suspect that your pattern matches the trailing ', keeps going, and then can't find the ending ' because it already matched it in the ([^"]+).
If you're passing this value back into another request, that should be all you need to change. Otherwise, you'll have to do what Suresh Koya suggests.
use regex:
name='SAMLResponse' value='([\s\S]+?)'
I'm trying to validate a SOAP-Request against the Schemas defined in the WSDL. I'm using a SOAPHandler with a SOAP-Handler-Chain. It works the only problem is that when I'm validating the request, I get this error message:
cvc-complex-type.2.4.a: Invalid content was found starting with element 'v1:latitude'. One of '{"http://schemas.domain.com/wsdl/fuelprice/v1/model":latitude}' is expected.
The WSDL looks like this:
<wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
mlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
mlns:http="http://schemas.xmlsoap.org/wsdl/http/"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:tns="http://schemas.domain.com/wsdl/fuelprice/v1"
xmlns:model="http://schemas.domain.com/wsdl/fuelprice/v1/model"
xmlns:exception="http://schemas.domain.com/wsdl/fuelprice/v1/exception"
targetNamespace="http://schemas.domain.com/wsdl/fuelprice/v1">
<wsdl:types>
<xsi:schema xmlns:xsi="http://www.w3.org/2001/XMLSchema" targetNamespace="http://schemas.domain.com/wsdl/fuelprice/v1" elementFormDefault="qualified">
<xsi:import namespace="http://schemas.domain.com/wsdl/fuelprice/v1/model" schemaLocation="common.xsd"/>
<xsi:import namespace="http://schemas.domain.com/wsdl/fuelprice/v1/exception" schemaLocation="exception.xsd"/>
<xsi:import namespace="http://schemas.xmlsoap.org/soap/envelope/" schemaLocation="http://schemas.xmlsoap.org/soap/envelope/"/>
<xsi:element name="GetAreaFuelStationsRequest">
<xsi:complexType>
<xsi:sequence>
<xsi:element name="area" type="model:Area"/>
</xsi:sequence>
<xsi:attribute name="provider" type="xsi:string" use="optional"/>
<xsi:attribute name="prices" type="xsi:boolean" use="required"/>
</xsi:complexType>
</xsi:element>
The XSD:
<?xml version="1.0" encoding="UTF-8"?>
<xsi:schema xmlns:xsi="http://www.w3.org/2001/XMLSchema" xmlns:model="http://schemas.domain.com/wsdl/fuelprice/v1/model" targetNamespace="http://schemas.domain.com/wsdl/fuelprice/v1/model" elementFormDefault="qualified">
<xsi:complexType name="FuelStation">
<xsi:complexType name="Area">
<xsi:sequence>
<xsi:element name="center" type="model:GeoLocation"/>
<xsi:element name="radius" type="xsi:float"/>
</xsi:sequence>
</xsi:complexType>
<xsi:complexType name="GeoLocation">
<xsi:sequence>
<xsi:element name="latitude" type="xsi:double"/>
<xsi:element name="longitude" type="xsi:double"/>
</xsi:sequence>
<xsi:attribute name="ellipsoid" type="xsi:string" use="required"/>
</xsi:complexType>
The source code fragment:
try {
context.getMessage().getSOAPPart().getEnvelope();
schemas = getSchemas(new URL(wsdlURI.toString().concat(wsdl)));
schema = factory.newSchema(schemas);
validator = schema.newValidator();
validator.validate(new DOMSource(xml));
}
A request:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:v1="http://schemas.domain.com/wsdl/fuelprice/v1" xmlns:mod="http://schemas.domain.com/wsdl/fuelprice/v1/model">
<soapenv:Header/>
<soapenv:Body>
<v1:GetAreaFuelStationsRequest provider="ep1" prices="true">
<v1:area>
<mod:center ellipsoid="false">
<v1:latitude>49.8385</v1:latitude>
<v1:longitude>8.5014</v1:longitude>
</mod:center>
<mod:radius>10</mod:radius>
</v1:area>
</v1:GetAreaFuelStationsRequest>
</soapenv:Body>
</soapenv:Envelope>
Can anybody see what is wrong here? I have set
elementFormDefault="qualified"
but it did not work.
The error message has a key clue:
cvc-complex-type.2.4.a: Invalid content was found starting with
element 'v1:latitude'. One of
'{"http://schemas.domain.com/wsdl/fuelprice/v1/model":latitude}' is
expected.
Notice that the targetNamespace of the XSD,
targetNamespace="http://schemas.domain.com/wsdl/fuelprice/v1/model"
disagrees with the declaration of the namespace prefix,
xmlns:v1="http://schemas.domain.com/wsdl/fuelprice/v1"
used by latitude in the request:
<v1:latitude>49.8385</v1:latitude>
Make them match to eliminate your error.
What I did to get it working:
I imported into the wsdl the soap/envelope schema
I got the request body element and created a document from it as the document root
I added to the body-element the soap/envelope namespace
I am creating a recurring appointment via EWS managed API.
Creating Weekly appointments works.
Creating Monthly Appointments doesn't work.
When EWS posts my monthly appointment to the server, Exchange does not return any error, yet the appointment is not there.
All I can see, it should be there - but it isn't!
Does anyone here know why?
Here is the trace of the recurrence posted to the server:
<t:Recurrence>
<t:RelativeMonthlyRecurrence>
<t:Interval>1</t:Interval>
<t:DaysOfWeek>Saturday</t:DaysOfWeek>
<t:DayOfWeekIndex>Last</t:DayOfWeekIndex>
</t:RelativeMonthlyRecurrence>
<t:NumberedRecurrence> <br /> <t:StartDate>2014-04-26</t:StartDate>
<t:NumberOfOccurrences>10</t:NumberOfOccurrences>;
</t:NumberedRecurrence>
</t:Recurrence>
and here is the trace of the response header
<Trace Tag="EwsResponseHttpHeaders" Tid="18" Time="2014-04-25 14:00:56Z">
HTTP/1.1 200 OK
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
X-EwsPerformanceData: RpcC=13;RpcL=919;LdapC=0;LdapL=0;
Persistent-Auth: true
Cache-Control: private
Content-Type: text/xml; charset=utf-8
Date: Fri, 25 Apr 2014 14:00:56 GMT
Server: Microsoft-IIS/7.5
X-AspNet-Version: 2.0.50727
X-Powered-By: ASP.NET
</Trace>
and the response body.
<Trace Tag="EwsResponse" Tid="18" Time="2014-04-25 14:00:56Z" Version="15.00.0516.014"> <br /> <?xml version="1.0" encoding="utf-8"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<h:ServerVersionInfo MajorVersion="14" MinorVersion="0" MajorBuildNumber="722" MinorBuildNumber="0" Version="Exchange2010" xmlns:h="http://schemas.microsoft.com/exchange/services/2006/types" xmlns="http://schemas.microsoft.com/exchange/services/2006/types" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" />
</s:Header>
<s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<m:CreateItemResponse xmlns:m="http://schemas.microsoft.com/exchange/services/2006/messages" xmlns:t="http://schemas.microsoft.com/exchange/services/2006/types">
<m:ResponseMessages>
<m:CreateItemResponseMessage ResponseClass="Success"> r /> <m:ResponseCode>NoError</m:ResponseCode>
<m:Items>
<t:CalendarItem>
<t:ItemId Id="AAMkADZmMGNlYzkwLWE0NGUtNGQxMC04MTc4LTE3MWM3MzExM2UzMQBGAAAAAAAVFLM1uwjxTpI7ZWapZLFDBwAG/DdYA3s2SJJPro446HsmAAAAAAAgAAAG/DdYA3s2SJJPro446HsmAAAOswdMAAA=" ChangeKey="DwAAABYAAAAG/DdYA3s2SJJPro446HsmAAAOsyvo" />
</t:CalendarItem>
</m:Items>
</m:CreateItemResponseMessage>
</m:ResponseMessages> r /> </m:CreateItemResponse>
</s:Body>
</s:Envelope>
</Trace>
Given that your XML is invalid, no surprise:
<t:DaysOfWeek>Saturday</t:DaysOfWeek>
^^^^---- should be just <
<t:DayOfWeekIndex>Last</t:DayOfWeekIndex>
^^^^----ditto
<t:NumberedRecurrence> <br /> <t:StartDate>2014-04-26</t:StartDate>
^^^^^^---huh? ^^^^----ditto
I am trying to load test a websocket server. Server accepts and sends application/json and interactions seems to be rather fine.
Server accepts correctly messages sent from client (tsung). Unfortunately from the client perspective it can't read responses and I think might be related to the fact messages are garble at least looking at tsung.dump I see ASCII characters like NUL, SOH, SI, etc but I also see json responses from the server somehow ok.
This is my tsung.xml file snippet:
<?xml version="1.0"?>
<!DOCTYPE tsung SYSTEM "/usr/local/Cellar/tsung/1.5.0/share/tsung/tsung-1.0.dtd">
<tsung loglevel="debug" dumptraffic="true">
<clients>
<client host="localhost" use_controller_vm="true" maxusers="1000" />
</clients>
<servers>
<server host="127.0.0.1" port="8282" type="tcp" />
</servers>
<load>
<arrivalphase phase="1" duration="120" unit="second">
<users maxnumber="1" arrivalrate="1" unit="second" />
</arrivalphase>
</load>
<sessions>
<session name="websocket" probability="100" type="ts_websocket">
<request subst="true">
<websocket type="connect" path="/fancyurl?Content-Type=application/json"></websocket>
</request>
<transaction name="getsession">
<request subst="true">
<dyn_variable name="sessionid" jsonpath="session"/>
<websocket type="message">{"type": "EventMessageCmd", "user": "lnramirez", "eventCode" : "epfl"}
</websocket>
</request>
</transaction>
<thinktime value="10"/>
<request>
<dyn_variable name="boothAck" jsonpath="commandStatus" />
<websocket type="message">
{
"user": "lramirezmonterosa",
"eventCode": "epfl",
"type": "BoothMessageCmd",
"boothCode": "ic",
"commandStatus": "REQUESTED",
"boothRequest": "JOIN"
}
</websocket>
</request>
<request>
<websocket type="close"></websocket>
</request>
</session>
</sessions>
</tsung>
tsung.dump:
Send:1390970727.56257:<0.84.0>:‚ìÝju¦`U_ýJU_ýJU_ýJU_ÿ¸HO_ÿ/³8®¸)ÿFU]¨
ÿPU]±´°¸¼HY_ÿ³6¹W_çJW]×JU_ýJU_ýJU_ýJU
Recv:1390970727.588689<0.84.0>:~{"type":"HeartBeatMessageCmd","timeCmdBroadcasted":1390970727588,"timeCmdGenerated":1390970727588,"commandStatus":"REQUESTED","user":"lramirezmonterosa","eventCode":"epfl","uuid":"a91e2c1b-859d-4299-99fd-e7ba63ba1f42","userSession":"25bb5627-4eb3-4a23-a1c9-edd5b8231808"}`