--- a/gwt-client/src/main/java/org/dive4elements/river/client/server/auth/was/Response.java	Tue Jun 04 16:58:49 2013 +0200
+++ b/gwt-client/src/main/java/org/dive4elements/river/client/server/auth/was/Response.java	Tue Jun 04 17:13:50 2013 +0200
@@ -10,11 +10,13 @@
 
 import java.io.IOException;
 import java.io.InputStream;
+import java.io.StringBufferInputStream;
 import java.util.List;
 
 import org.apache.commons.codec.binary.Base64InputStream;
 
 import org.apache.http.HttpEntity;
+import org.apache.http.util.EntityUtils;
 
 import org.apache.log4j.Logger;
 
@@ -37,6 +39,7 @@
     private static Logger logger = Logger.getLogger(Response.class);
 
     private Element root;
+    private String samlTicketXML;
     private Assertion assertion;
     private String username;
     private String password;
@@ -53,8 +56,9 @@
         }
 
         String contenttype = entity.getContentType().getValue();
+        String samlTicketXML = EntityUtils.toString(entity);
 
-        InputStream in = entity.getContent();
+        InputStream in = new StringBufferInputStream(samlTicketXML);
 
         if (!contenttype.equals("application/vnd.ogc.se_xml")) {
             // XXX: Assume base64 encoded content.
@@ -70,6 +74,7 @@
                                                           "ServiceException"));
         }
 
+        this.samlTicketXML = samlTicketXML;
         this.root = root;
         this.username = username;
         this.password = password;
@@ -113,7 +118,7 @@
                 this.assertion.getRoles());
         logger.debug("User " + this.username + " with features " + features +
                      " successfully authenticated.");
-        return new User(assertion, features, this.password);
+        return new User(assertion, this.samlTicketXML, features, this.password);
     }
 }
 // vim: set si et fileencoding=utf-8 ts=4 sw=4 tw=80: