我正在研究SAML 1.1断言消费者服务的测试工具.测试必须生成签名的SAMLResponse并将其提交给Base64中编码的ACS.ACS必须能够使用X509公共证书验证签名的消息.
我能够构建SAMLResponse,添加必要的断言等.但是当我尝试签署对象时,我遇到了问题.这是我当前代码的片段:
String certPath = "mycert.pem";
File pubCertFile = new File(certPath);
BufferedInputStream bis = null;
try {
bis = new BufferedInputStream(new FileInputStream(pubCertFile));
} catch(FileNotFoundException e) {
throw new Exception("Could not locate certfile at '" + certPath + "'", e);
}
CertificateFactory certFact = null;
Certificate cert = null;
try {
certFact = CertificateFactory.getInstance("X.509");
cert = certFact.generateCertificate(bis);
} catch(CertificateException e) {
throw new Exception("Could not instantiate cert", e);
}
bis.close();
ArrayList<Certificate> certs = new ArrayList<Certificate>();
certs.add(cert);
String keyPath = "mykey.pem"; …