我可以将 saml-token 作为字符串获取吗?

Can I get saml-token as string?

我正在使用 spring-security-saml2 1.0.0.RELEASE。 它很好用,对我来说非常好。

但是新的要求提高了。我需要 saml-token 作为字符串。

我可以获取字符串形式的 saml-token 吗?我在日志中找到了 saml-token。 但是如何获取字符串格式的saml-token呢?

问得好,我刚刚在 Spring SAML 手册中添加了一个新章节来解决这个问题:

Authentication assertion

Assertion used to authenticate user is stored in the SAMLCredential object under property authenticationAssertion. By default the original content (DOM) of the assertion is discarded and system only keeps an unmarshalled version which might slightly differ from the original, e.g. in white-spaces. In order to instruct Spring SAML to keep the assertion in the original form (keep its DOM) set property releaseDOM to false on bean WebSSOProfileConsumerImpl.

Assertion can be serialized to String using the following call:

XMLHelper.nodeToString(SAMLUtil.marshallMessage(credential.getAuthenticationAssertion()))