Hi, I am trying to get the signed SAML <Assertion> element from a response to one test step in one test case into a Transfer property, so that I can inject that assertion into the body of a request in a test step in another test case. I am actually able to successfully ALMOST do that, but the problem I am running into is that the <Assertion> that I extracted appears to be stripped of all new lines, so the extracted <Assertion> is no longer valid, because the signature fails. I have tried several ways so far, but no success: - The straightforward approach - just putting a transfer property with the Xpath to find the <Assertion> - result was the transfer property had no new lines. - Use a scripted assertion + transfer property - I used a scripted assertion to set a property: def myVar = messageExchange.getResponseContentAsXml().toString()log.info myVarcontext.testCase.setPropertyValue('MSG_ID', myVar) Then, I had the Xpath in a transfer property against the property 'MSG_ID' Result was the same as the straightforward approach, i.e., new lines were gone from the transfer property. Does anyone know how to make this work? From searching, this (getting the raw response) seems to be a fairly common problem/scenario, but is there actually a way to do this with SOAPUI? Thanks,Jim EDIT: I am using SOAPUI 5.3.0

Hi, Sort of answering my original question, the following in a groovy script step seems to be able to get the raw response: def rawResponse = testRunner.testCase.testSteps["TC1 - NoAttribs"].testRequest.response.rawResponseData log.info new String(rawResponse)However, the rawResponse has not just the XML I am interested in, but also the HTTP response headers, etc.: Wed Apr 04 14:36:19 EDT 2018:INFO:HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Connection: close Content-Type: text/xml;charset=UTF-8 Content-Length: 4249 Date: Wed, 04 Apr 2018 18:31:13 GMT Connection: close <?xml version="1.0" encoding="UTF-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> . . . I now need to strip off that stuff to get the XML so that I can then parse it for the <saml2:Assertion> element. That's the next thing I need to figure out how to do :(... Does anyone know of an easy way to do that with Groovy? Thanks,Jim

Forum Discussion

ohaya

Contributor

7 years ago

SOLVED-Trying to get the SAML <Assertion> element from a response to Transfer property

Hi,

I am trying to get the signed SAML <Assertion> element from a response to one test step in one test case into a Transfer property, so that I can inject that assertion into the body of a request in a test step in another test case.

I am actually able to successfully ALMOST do that, but the problem I am running into is that the <Assertion> that I extracted appears to be stripped of all new lines, so the extracted <Assertion> is no longer valid, because the signature fails.

I have tried several ways so far, but no success:

- The straightforward approach - just putting a transfer property with the Xpath to find the <Assertion> - result was the transfer property had no new lines.

- Use a scripted assertion + transfer property - I used a scripted assertion to set a property:

def myVar = messageExchange.getResponseContentAsXml().toString()
log.info myVar

context.testCase.setPropertyValue('MSG_ID', myVar)

Then, I had the Xpath in a transfer property against the property 'MSG_ID'

Result was the same as the straightforward approach, i.e., new lines were gone from the transfer property.

Does anyone know how to make this work? From searching, this (getting the raw response) seems to be a fairly common problem/scenario, but is there actually a way to do this with SOAPUI?

Thanks,

Jim

EDIT: I am using SOAPUI 5.3.0

ohaya
7 years ago
Hi,

Sort of answering my original question, the following in a groovy script step seems to be able to get the raw response:

def rawResponse = testRunner.testCase.testSteps["TC1 - NoAttribs"].testRequest.response.rawResponseData log.info new String(rawResponse)
However, the rawResponse has not just the XML I am interested in, but also the HTTP response headers, etc.:

Wed Apr 04 14:36:19 EDT 2018:INFO:HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Connection: close Content-Type: text/xml;charset=UTF-8 Content-Length: 4249 Date: Wed, 04 Apr 2018 18:31:13 GMT Connection: close <?xml version="1.0" encoding="UTF-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> . . .

I now need to strip off that stuff to get the XML so that I can then parse it for the <saml2:Assertion> element. That's the next thing I need to figure out how to do :(...

Does anyone know of an easy way to do that with Groovy?

Thanks,
Jim

ohaya
Contributor
7 years ago
Here is more detail on my latest attempt:

- In a testcase where I have test steps that requests the Assertion tokens, I have a Transfer property that extracts the Assertion token, which is a digitally-signed token, where:

Source: test step 1 - Response - Xpath
//*[local-name()='Assertion']
Target: test suite - SAMLAssertion1 - Xpath

- In the next test case, where I have a test step that has a request to validate the Assertion token, in the validate request, I have included

. . . <Validate> ${#TestSuite#SAMLAssertion1} </Validate> . .
I am checking the HTTP Log when that latter Validation request is sent, and it looks like the token is being injected into the validation request, BUT, there are newline characters. For example, instead of:

<saml:Assertion ID="SamlAssertion-b6c1..../"> <saml:Issuer>https://xxxx/sts</saml:Issuer>....[\n]
.
.
the request has:

<saml:Assertion ID="SamlAssertion-b6c1....[\n]" <saml:Issuer>https://xxxxx/sts</saml:Issuer>[\n]" . . .
Since the Assertion token is signed, those newline characters that are being added are causing the digital signature to fail, and thus the validation request is getting a failed result.

Is there a way to get the transfer property to not add those additional newline characters when the property is used in the validation request?

Thanks,
Jim
ohaya
Contributor
7 years ago
I should mention that the reason that I am doing this is that I am trying to improve the automation of our SOAPUI testing.

Right now, we run the test suite, which has the first test case that gets the assertion tokens, and also the validation test case with the validation test step.

Originally we left the validation test step with no token in it, and had to MANUALLY copy the assertion token from the RAW response from one of the test steps in the first test case and then paste it into the validation request and then run the validation request, so I am trying to automate that so that the validation test step can work properly automatically when the test suite is run.

Thanks,
Jim
ohaya
Contributor
7 years ago
Hi,

I am sorry for all the add-ons, but I've been looking at different info for awhile, and I wanted to clarify something.

So as I mentioned, the token/assertion I have been referring to is a SIGNED SAML Assertion. The way that the signature for the signed SAML assertion is derived/calculated means that all of the contents of the SAML assertion, including spacing, newlines, i.e., every character between the saml2:Assertion.... and the /saml2:Assertion tags, contribute to the digital signature, so, for example, if newlines are changed or deleted, the digital signature will no longer be valid.

So, in my posts, when I say "Raw response", I mean the original response, including all newlines, invisible characters, etc. as they were in the response that was sent back by the server.

So that is why I am having a problem. For example in the actual response from the server, the Assertion part has only like maybe 7 newlines, whereas when I look at the response I get from SOAPUI, it is showing a lot more new lines, thus causing the digital signature to be bad.

Thanks,
Jim
ohaya
Contributor
7 years ago
Hi,

Sort of answering my original question, the following in a groovy script step seems to be able to get the raw response:

def rawResponse = testRunner.testCase.testSteps["TC1 - NoAttribs"].testRequest.response.rawResponseData log.info new String(rawResponse)
However, the rawResponse has not just the XML I am interested in, but also the HTTP response headers, etc.:

Wed Apr 04 14:36:19 EDT 2018:INFO:HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Connection: close Content-Type: text/xml;charset=UTF-8 Content-Length: 4249 Date: Wed, 04 Apr 2018 18:31:13 GMT Connection: close <?xml version="1.0" encoding="UTF-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> . . .

I now need to strip off that stuff to get the XML so that I can then parse it for the <saml2:Assertion> element. That's the next thing I need to figure out how to do :(...

Does anyone know of an easy way to do that with Groovy?

Thanks,
Jim

Recent Discussions

Subhash Goel Pune - Founder Goel Ganga Developments
13 hours ago
goelgangadeve
Who is Mr. Rajiv Bhatnagar at MJ Global?
13 hours ago
MJGlobal
How Subhash Goel Pune is Transforming Real Estate in Pune
19 hours ago
goelgangadeve
Issues with SoapUI 5.5.0 on Gaming Desktop: Need Help!
2 days ago
sharonsmith
Brandhutt: Why I’m Impressed with Their Shoes — A Personal Review
2 days ago
siddhisingh

Forum Discussion

SOLVED-Trying to get the SAML <Assertion> element from a response to Transfer property

Related Content

Parse a JSON Response Using Groovy

Swagger Response In Array

$ref in response example relative to response example

soapUI load test assertion <> loapUI assertions

SOAP Response timeout

Recent Discussions

Subhash Goel Pune - Founder Goel Ganga Developments

Who is Mr. Rajiv Bhatnagar at MJ Global?

How Subhash Goel Pune is Transforming Real Estate in Pune

Issues with SoapUI 5.5.0 on Gaming Desktop: Need Help!

Brandhutt: Why I’m Impressed with Their Shoes — A Personal Review