Skip to main content
Inspiring
September 15, 2014
Answered

Encrypting a SAML Assertion using toBase64

  • September 15, 2014
  • 1 reply
  • 1022 views

I have a pretty generic SAML assertion that I need to encrypt so I can pass it as a URL variable. The problem is when I use the toBase64 tag it adds the <?xml version="1.0" encoding="UTF-8"?> line to the top of the encrypted string. 

This is what my code looks like:

<CFSET MyDate = DateFormat(Now(), "yyyy-mm-dd") & 'T' & TimeFormat(Now(), "HH:nn:ss") & '.343Z'>

<cfxml variable="samlAssertionXML">

<samlp:AuthnRequest IssueInstant="#MyDate#" ID="_kdls_testing_application_for_single_sign_on" Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">

    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://localhost/sde</saml:Issuer>

    <samlp:NameIDPolicy AllowCreate="true"/>

  </samlp:AuthnRequest>

</cfxml>

<CFSET MySML = toBase64(toString(samlAssertionXML))>


When I decrypt the variable MySML using an online debugger this is what I get:

<?xml version="1.0" encoding="UTF-8"?>

<samlp:AuthnRequest IssueInstant="#MyDate#" ID="_kdls_testing_application_for_single_sign_on" Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">

  <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://localhost/sde</saml:Issuer>

  <samlp:NameIDPolicy AllowCreate="true"/>

</samlp:AuthnRequest>


My question is how to I encode my string without getting that annoying XML header included???  Unfortunately the XML header is confusing the ADFS server I'm sending my SAML string to so it has to go.  Any ideas???


This topic has been closed for replies.
Correct answer Carl Von Stetten

I suspect that the CFXML tag automatically adds that to make it valid XML.  Since you are trying to create an XML fragment, you might have better luck with CFSAVECONTENT instead of CFXML.

-Carl V.

1 reply

Carl Von Stetten
Carl Von StettenCorrect answer
Legend
September 15, 2014

I suspect that the CFXML tag automatically adds that to make it valid XML.  Since you are trying to create an XML fragment, you might have better luck with CFSAVECONTENT instead of CFXML.

-Carl V.

Inspiring
September 15, 2014

Carl you are AWESOME!!!   thank you, Thank You, THANK YOU!!!

All I had to do was change this:<cfxml variable="samlAssertionXML">

To this:<CFSaveContent variable="samlAssertionXML">

Then I added a trim to my string like this:<CFSET MySML = toBase64(toString(TRIM(samlAssertionXML)))>

And life is good again!!!