SAML WriteXML problem in C #

Question

SAML WriteXML problem in C #

I created a SamlAssertion instance and added a permission statement and attributes to it, and now I want to print the XML so that I can make an HTTP message, but not the whole assertion is outputed. What am I missing (I'm sure this is something bone-in)?

Here is the code I'm using:

// Add the Statements to the SAML Assertion
   samlAssert.Statements.Add(samlAuthStatement);
   samlAssert.Statements.Add(samlAttrStatement);
   MemoryStream xmlStream = new MemoryStream();
   XmlDictionaryWriter xmlWriter = XmlDictionaryWriter.CreateTextWriter(xmlStream, System.Text.Encoding.UTF8);
   SamlSerializer samlAssertSerializer = new SamlSerializer();
   WSSecurityTokenSerializer secTokenSerializer = new WSSecurityTokenSerializer();
   samlAssert.WriteXml(xmlWriter, samlAssertSerializer, secTokenSerializer);

   xmlStream.Position = 0;
   StreamReader sr = new StreamReader(xmlStream, System.Text.Encoding.UTF8);
   string AssertStr = sr.ReadToEnd();
   TextBox1.Text = AssertStr;

But whatever comes back is the following:

<saml:Assertion MajorVersion="1" MinorVersion="1" AssertionID="assertID" 
                Issuer="my Company" IssueInstant="2008-11-19T19:54:12.191Z" 
                xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
    <saml:Conditions NotBefore="2008-11-19T19:54:12.191Z" NotOnOrAfter="2008-11-19T19:59:12.191Z"/>
    <saml:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken" 
                                  AuthenticationInstant="2008-11-19T19:54:12.191Z">
        <saml:Subject>
            <saml:NameIdentifier Format="cs-sstc-schema-assertion-1.1.xsd" NameQualifier="My company">xxxx</saml:NameIdentifier>
            <saml:SubjectConfirmation>
                <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod>
            </saml:SubjectConfirmation>
        </saml:Subject>
        <saml:SubjectLocality IPAddress="x.x.x.x"/>
        </saml:

+1

c # xml assertions saml

mjmcinto 19 nov. '08 at 20:13

source to share

2 answers

Darin Dimitrov · Answer 1 · 2009-11-07T19:07:18+0000

If I had one piece of advice to give you in this case, it would be: Always use expressions using

when dealing with IDisposable objects such as streams. In addition to automatically cleaning up streams, it also frees resources in case of an exception:

// Add the Statements to the SAML Assertion
samlAssert.Statements.Add(samlAuthStatement);
samlAssert.Statements.Add(samlAttrStatement);

var sb = new StringBuilder();
var settings = new XmlWriterSettings 
{
    OmitXmlDeclaration = true,
    Encoding = Encoding.UTF8
};
using (var stringWriter = new StringWriter(sb))
using (var xmlWriter = XmlWriter.Create(stringWriter, settings))
using (var dictionaryWriter = XmlDictionaryWriter.CreateDictionaryWriter(xmlWriter))
{
    var samlAssertSerializer = new SamlSerializer();
    var secTokenSerializer = new WSSecurityTokenSerializer();
    samlAssert.WriteXml(
        dictionaryWriter, 
        samlAssertSerializer, 
        secTokenSerializer
    );
}

TextBox1.Text = sb.ToString();

Brad patton · Answer 2 · 2008-11-25T19:05:38+0000

I'm not sure if this is directly related to your case, but it might be useful information related to re-serializing the SAML token

http://blogs.msdn.com/govindr/archive/2006/10/24/re-serialize-saml-token.aspx

SAML WriteXML problem in C #

More articles: