Java Security

Hi Guys,

I am totally new to Java security, I am trying to debug some sso code. We are using Base64 class. see the attached file. I get an nullpointer exception when the code tries to decode some string. Here is the method and the string

private String decodeAuthResponse(String encodedMessage) throws Exception {
byte[] decodedBytes = Base64.decode(encodedMessage);
return new String(decodedBytes,"UTF-8");
}

I pass this string to above method I get a nullpointer exception

I am using Base64 code from
@author Robert Harder
* @author rob@iharder.net
* @version 2.1

String saml2Response =
"<?xml version="1.0" encoding="UTF-8"?><Response xmlns="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://qq1c02.belldev.dev.bce.ca:9031/sp/ACS.saml2" ID="_cbe71b393c16d5f869825c60b4989da03f97" IssueInstant="2009-11-26T21:06:31Z" Version="2.0"> <ns1:Issuer xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">dev-fedws.bep.bell.ca</ns1:Issuer><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/><SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><Reference URI="#_cbe71b393c16d5f869825c60b4989da03f97"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><DigestValue>9dLHJOyGNCE0FdGixQeuFi4nfrU=</DigestValue></Reference></SignedInfo><SignatureValue>Iz2SImKrl/1tWUS8yduDoOkcuOcTTdz+xwtc1dAgz8Fwgnt7/WZfAMgiH9tmW2CfLdqOZ013DeCk"+
"wD8kry3yjEu1ZflmgcMsqWZmZN4r15tYfrfwfhHEtJRU/M9afB8UKy4eR6kauADbme+eL2LrhyLg"+
"3BWmgjs+IlCkU9pauXM=</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIBnDCCAQUCBEtEnCIwDQYJKoZIhvcNAQEEBQAwFTETMBEGA1UEAxMKQ0MgU3R1ZGVudDAeFw0x"+
"MDAxMDYxNDIwMThaFw0xMDA0MDYxNDIwMThaMBUxEzARBgNVBAMTCkNDIFN0dWRlbnQwgZ8wDQYJ"+
"KoZIhvcNAQEBBQADgY0AMIGJAoGBAJVA/EC7aHwRU6OUdtIcGNFcQ25zO/nJpYDXHvaxz1yXtPsr"+
"hWmm8H0SRDQugnfqyW81e5J9O3yx+3GmPf8Du7BWI1q43ISyeVYz0tHYgMHpoxERjNRWhdTkWoiu"+
"pmBIMzt3lRwjsZSHpeEpuS/PmnZdWx3IaxPk1lWrwSTHSJwFAgMBAAEwDQYJKoZIhvcNAQEEBQAD"+
"gYEARjQX1H53kSup7uYnvzKBJOAcLlz0yN8e/0YKCGF0oEYzciob18xcfQNDNvixngOpCk5dAdau"+
"DgrbuuEDcCFYG/BztKnoES9N+q37qwSg5UUkzP9N+HMte5aWlPVNvA+3OSgLLRPa/BXRGEp8Axc1"+
"Q7EzZ5V+0t0K9DMBabOuyQU=</X509Certificate></X509Data></KeyInfo></Signature><Status> <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></Status><ns2:Assertion xmlns:ns2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_35f401955487f2b32fb0577008f8ac4bd11f" IssueInstant="2009-11-26T21:06:31Z" Version="2.0"> <ns2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">dev-fedws.bep.bell.ca</ns2:Issuer><ns2:Subject><ns2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">administrator</ns2:NameID><ns2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"> <ns2:SubjectConfirmationData NotOnOrAfter="2009-11-26T21:08:01Z" Recipient="https://qq1c02.belldev.dev.bce.ca:9031/sp/ACS.saml2"/> </ns2:SubjectConfirmation></ns2:Subject> <ns2:Conditions NotBefore="2009-11-26T21:06:01Z" NotOnOrAfter="2009-11-26T21:08:01Z"> <ns2:AudienceRestriction> <ns2:Audience>urn:emptoris:entityid</ns2:Audience></ns2:AudienceRestriction></ns2:Conditions> <ns2:AuthnStatement AuthnInstant="2009-11-26T21:06:31Z" SessionIndex="AWk8QsGwCbjirAQdEMRp1JZP+5Y=AwYL8w==" SessionNotOnOrAfter="2009-11-26T21:08:01Z"> <ns2:AuthnContext> <ns2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</ns2:AuthnContextClassRef> </ns2:AuthnContext> </ns2:AuthnStatement></ns2:Assertion></Response&gt";
System.out.println(saml2Response);