[jdom-interest] Namespace inheritance after cloning

[Alistair Young]

Found the problem, though not the solution yet!
I tracked the Document from creation to signing and JDOM is doing
everything fine. All namespaces, once declared in the Element creations in
each separate Document are cloned fine.
Explicitly declaring the ns at Element creation time solves one of the
xmlns="" problems.
It still appears though, when XMLSignature.sign() jumps on the converted
Document.
1) Build JDOM Documents, with NS Elements - fine
2) Clone JDOM Document.getRootElement() instances into one JDOM Document -
fine
3) Convert JDOM Document -> org.3c.dom.Document - fine - all namespaces
are fine and the doc is validated
4) XMLSignature.sign() - it puts in xmlns="" on some elements!
So, JDOM is now fine, now that I've declared the namespaces.
However, XMLSignature isn't doing it's work properly. For some reason it's
mangling some namespaces.
I'll have to read lots more on XMLSignature.
Thanks for you help folks,
cheers,
Alistair


-- 
Alistair Young
Senior Software Engineer
UHI at Sabhal Mòr Ostaig
Isle of Skye
Scotland

> Can you please send in executable code (like a unit test) and remove all
> the useless attributes and elements that don't change the behavior?
>
> -jh-
>
> Alistair Young wrote:
>
>> The inheritance problem I get is:
>>
>> If I clone:
>>
>> <?xml version="1.0" encoding="UTF-8"?>
>> <Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
>> AssertionID="Assertion-id" MajorVersion="1" MinorVersion="1"
>> Issuer="guanxi.uhi.ac.uk" IssueInstant="2004-10-01T14:24:59Z">
>>   <AuthenticationStatement AuthenticationInstant="2004-10-01T14:24:59Z"
>> AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password">
>>     <Subject>
>>       <NameIdentifier Format="urn:mace:shibboleth:1.0:nameIdentifier"
>> NameQualifier="https://idp.example.org/shibboleth/">OFFLINE</NameIdentifier>
>>       <SubjectConfirmation>
>>         <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</ConfirmationMethod>
>>       </SubjectConfirmation>
>>     </Subject>
>>   </AuthenticationStatement>
>> </Assertion>
>>
>> and add it to:
>>
>> <?xml version="1.0" encoding="UTF-8"?>
>> <Response xmlns="urn:oasis:names:tc:SAML:1.0:protocol"
>> xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
>> IssueInstant="2004-10-01T14:24:59Z" MajorVersion="1" MinorVersion="1"
>> Recipient="http://localhost/Shibboleth.shire" ResponseID="Response-id">
>>   <Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
>> AssertionID="Assertion-id" IssueInstant="2004-10-01T14:24:59Z"
>> Issuer="guanxi.uhi.ac.uk" MajorVersion="1" MinorVersion="1">
>>
>> I get:
>>
>> <?xml version="1.0" encoding="UTF-8"?>
>> <Response xmlns="urn:oasis:names:tc:SAML:1.0:protocol"
>> xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
>> IssueInstant="2004-10-01T14:24:59Z" MajorVersion="1" MinorVersion="1"
>> Recipient="http://localhost/Shibboleth.shire" ResponseID="Response-id">
>>   <Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
>> AssertionID="Assertion-id" IssueInstant="2004-10-01T14:24:59Z"
>> Issuer="guanxi.uhi.ac.uk" MajorVersion="1" MinorVersion="1">
>>     <AuthenticationStatement xmlns=""
>> AuthenticationInstant="2004-10-01T14:24:59Z"
>> AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password">
>>       <Subject>
>>         <NameIdentifier Format="urn:mace:shibboleth:1.0:nameIdentifier"
>> NameQualifier="https://idp.example.org/shibboleth/">OFFLINE</NameIdentifier>
>>         <SubjectConfirmation>
>>           <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</ConfirmationMethod>
>>         </SubjectConfirmation>
>>       </Subject>
>>     </AuthenticationStatement>
>>   </Assertion>
>> </Response>
>>
>> AuthenticationStatement has suddenly grown a new xmlns="", overriding
>> it's
>> default namespace. All the Assertion children have the same namespace
>> set
>> when creating the elements. It seems that when I clone the Assertion and
>> add it to the root element, I lose the namespace on
>> AuthenticationStatement.
>>
>> any advice appreciated.
>> thanks,
>> Alistair
>>
>
>