
How to display original content (DOM) of the assertion in Spring SAML?


For my project I am required to display the encrypted as well as decrypted version of the SAML response to the user.

Currently the Spring SAML sample app displays the Encrypted (i.e. original) SAML response, but I am not sure how to show the same response with all elements (NameID, assertions, and other elements) decrypted.

I know that the Spring SAML sample app displays the assertions in a table format, but I am required to display the entire 'decrypted' XML SAML response with all the tags and attributes.

Note: I am working on the SP part, and the IDP is configured to send encrypted SAML responses with encrypted attributes and NameIDs.

Any help is appreciated.


Solution

  • Part 9.5 of the manual should help you.

    9.5 Authentication assertion

    Assertion used to authenticate user is stored in the SAMLCredential object under property authenticationAssertion. By default the original content (DOM) of the assertion is discarded and system only keeps an unmarshalled version which might slightly differ from the original, e.g. in white-spaces. In order to instruct Spring SAML to keep the assertion in the original form (keep its DOM) set property releaseDOM to false on bean WebSSOProfileConsumerImpl.

    Assertion can be serialized to String using the following call:

    XMLHelper.nodeToString(SAMLUtil.marshallMessage(credential.getAuthenticationAssertion()))
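
The two steps from section 9.5 put together, as an added example that is not part of the original answer or of the Spring SAML sample app: Java configuration that sets releaseDOM to false, and a helper that serializes the stored assertion for display. The class name AssertionDisplayConfig and the method assertionAsEscapedXml are hypothetical, and the HTML escaping is an addition for rendering the XML inside a page.

```java
import org.opensaml.ws.message.encoder.MessageEncodingException;
import org.opensaml.xml.util.XMLHelper;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.saml.SAMLCredential;
import org.springframework.security.saml.util.SAMLUtil;
import org.springframework.security.saml.websso.WebSSOProfileConsumer;
import org.springframework.security.saml.websso.WebSSOProfileConsumerImpl;
import org.springframework.web.util.HtmlUtils;

// Hypothetical configuration class; merge the bean into your existing SAML config.
@Configuration
public class AssertionDisplayConfig {

    // Keep the assertion's original DOM after authentication.
    // The default (releaseDOM = true) discards it, as section 9.5 describes.
    @Bean
    public WebSSOProfileConsumer webSSOprofileConsumer() {
        WebSSOProfileConsumerImpl consumer = new WebSSOProfileConsumerImpl();
        consumer.setReleaseDOM(false);
        return consumer;
    }

    // Hypothetical helper: returns the authentication assertion as XML,
    // HTML-escaped for display, or null when the session is not SAML-authenticated.
    public static String assertionAsEscapedXml() throws MessageEncodingException {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        if (auth == null || !(auth.getCredentials() instanceof SAMLCredential)) {
            return null;
        }
        SAMLCredential credential = (SAMLCredential) auth.getCredentials();

        // Same call as in the manual excerpt above.
        String xml = XMLHelper.nodeToString(
                SAMLUtil.marshallMessage(credential.getAuthenticationAssertion()));

        // Assertion content (NameID, attribute values) is supplied by the IdP;
        // escape it so it is shown as text and never interpreted as markup.
        return HtmlUtils.htmlEscape(xml);
    }
}
```

The serialized assertion carries the user's identifiers and attributes in clear text, so show it only to the authenticated user it belongs to and keep it out of application logs.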