[xmlsec] xmlsec encrypt xpath

Aleksey Sanin aleksey at aleksey.com
Fri May 22 13:56:25 PDT 2009 

http://www.google.com/search?hl=en&q=example+XPath+%22local-name()%22+&btnG=Search

Cook, Sean D (Genworth) wrote:
> Not familiar with that can you point me toward some light reading?  Or
> give me an example?
> 
> 
> Sent from my blackberry. 
> 
> ----- Original Message -----
> From: Aleksey Sanin <aleksey at aleksey.com>
> To: Cook, Sean D (Genworth)
> Cc: xmlsec at aleksey.com <xmlsec at aleksey.com>
> Sent: Fri May 22 16:28:27 2009
> Subject: Re: [xmlsec] xmlsec encrypt xpath
> 
> Yeah, unfortunately, command line tool is not very friendly to
> namespaces in xpath. I think the only option to get what you want
> is to use local-name() in the XPath expression.
> 
> Aleksey
> 
> Cook, Sean D (Genworth) wrote:
>> Greetings! 
>>
>>  
>>
>> I am trying to encrypt an element of a saml artifact (the assertion)…
> I 
>> have tried using the following xpath:
>>
>>  
>>
>> --node-xpath /samlp:Response/saml:Assertion
>>
>>  
>>
>> This works in perls XML::XPath to identify the appropriate node, but I
>> get an undefined namespace prefix when trying to encrypt.  I have
> pared 
>> down the xml to make sure there was nothing interfering and still no
> luck:
>>  
>>
>> /apps/xmlsec/bin/xmlsec1 encrypt --privkey-pem keys/private.key  
>> --pubkey-pem keys/pub.key  --session-key des-192  --xml-data 
>> saml-artifact.xml --output doc-encrypted-xpath.xml --node-xpath 
>> /samlp:Response/saml:Assertion session-key-template.xml
>>
>> XPath error : Undefined namespace prefix
>>
>> xmlXPathEval: evaluation failed
>>
>> Error: failed to evaluate xpath expression
>>
>> Error: failed to load file "saml-artifact.xml"
>>
>> Error: failed to encrypt file with template "session-key-template.xml"
>>
>>  
>>
>> # content of saml-artifact.xml
>>
>> <?xml version="1.0" encoding="UTF-8"?>
>>
>> <samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" 
>> ID="djlmjbkjflgnbankboaepihbcckcgcpkmlgfmbpc" Version="2.0" 
>> IssueInstant="2009-05-22T18:23:51Z" 
>> Destination="https://somedestination/post">
>>
>>     <saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
>> Version="2.0" xml:id="ngaognjiljmkbelegfgnighebokoakanaalhnepj" 
>> ID="ngaognjiljmkbelegfgnighebokoakanaalhnepj" 
>> IssueInstant="2009-05-22T18:23:51Z">
>>
>>     </saml:Assertion>
>>
>> </samlp:Response>
>>
>>  
>>
>> Can you point me in the right direction?
>>
>>  
>>
>>  
>>
>>  
>>
>>
>>
> ------------------------------------------------------------------------
>> _______________________________________________
>> xmlsec mailing list
>> xmlsec at aleksey.com
>> http://www.aleksey.com/mailman/listinfo/xmlsec
>

More information about the xmlsec mailing list