java—从查询字符串解码jsp中的samlresponse

db2dz4w8  于 2021-06-29  发布在  Java
关注(0)|答案(0)|浏览(470)

我有一个简单的jsp页面来显示解码的saml响应,该响应必须作为查询字符串接收。代码如下:

<%@ page contentType="text/xml" %>
<%@ page language="java" import="java.io.*" %>
<%@ page language="java" import="java.util.*" %>
<%@ page language="java" import="java.util.zip.*" %>
<%@ page language="java" import="javax.xml.parsers.*" %>
<%@ page language="java" import="org.w3c.dom.*" %>
<%@ page language="java" import="org.xml.sax.*" %>
<%@ page language="java" import="javax.xml.transform.*" %>
<%@ page language="java" import="javax.xml.transform.dom.*" %>
<%@ page language="java" import="javax.xml.transform.stream.*" %>
<%@ taglib uri="http://java.sun.com/jsp/jstl/core" prefix="c" %>

<%!
    private static Document convertStringToXMLDocument(String xmlString) {
        DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
        DocumentBuilder builder;
        try {
            builder = factory.newDocumentBuilder();          
            Document doc = builder.parse(new InputSource(new StringReader(xmlString)));
            return doc;
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }
%>

<%
    String responseMessage = (String) request.getParameter("SAMLResponse");
    responseMessage = responseMessage.replaceAll("\\s", "").trim();
    byte[] base64DecodedResponse = Base64.getMimeDecoder().decode(responseMessage);
    String outputString = new String(base64DecodedResponse);
    Document doc = convertStringToXMLDocument(outputString);
    Transformer transformer = TransformerFactory.newInstance().newTransformer();
    transformer.setOutputProperty("{http://xml.apache.org/xslt}indent-amount", "4");
    transformer.setOutputProperty(OutputKeys.OMIT_XML_DECLARATION, "yes");
    transformer.setOutputProperty(OutputKeys.INDENT, "yes");
    Source source = new DOMSource(doc);
    StringWriter writer = new StringWriter();
    Result res = new StreamResult(writer);
    transformer.transform(source, res);
    String SAMLString = writer.toString();
%>

<c:set var="SAMLResponse" value='<%= SAMLString %>' />

<c:out value='${SAMLResponse}' escapeXml="false" />

问题是,当收到的saml很长时,页面似乎不再工作,我无法正确解码它。我想指出的是,如果我创造了这样的东西:

String responseMessage = "<long encoded SAML here>";

我继续计算jsp页面显示了预期的结果。这是否与浏览器剪切的查询字符串或以非字符串格式接收的查询字符串有关?谢谢

暂无答案!

目前还没有任何答案,快来回答吧!

相关问题