Skip to Content.
Sympa Menu

mace-opensaml-users - Help: Referenced ID is not in DOM Document

Subject: OpenSAML user discussion

List archive

Help: Referenced ID is not in DOM Document


Chronological Thread 
  • From: "Qian Wang" <>
  • To: <>
  • Subject: Help: Referenced ID is not in DOM Document
  • Date: Fri, 9 Dec 2005 00:51:18 -0800





Hi, my SAML response is causing this error:



"caught a SAML exception: caught an XMLSec exception while verifying
signature: Referenced ID is not in DOM Document"





Here is my SAML response. Could you help find the error in the response?
Thanks a lot!





<Response xmlns="urn:oasis:names:tc:SAML:1.0:protocol"
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
IssueInstant="2005-12-09T08:37:37.181Z" MajorVersion="1" MinorVersion="1"
Recipient="https://corporate.expedia.com/pub/agent.dll?qscr=sson&amp;gpid=41";
ResponseID="_40d5718b159b83e59d88fd1763213e18"><ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>

<ds:SignedInfo>

<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:CanonicalizationMethod>

<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1";></ds:SignatureMethod>

<ds:Reference URI="#_40d5718b159b83e59d88fd1763213e18">

<ds:Transforms>

<ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature";></ds:Transform>

<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";><ec:InclusiveNamespaces
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"; PrefixList="code ds kind
rw saml samlp typens #default xsd
xsi"></ec:InclusiveNamespaces></ds:Transform>

</ds:Transforms>

<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></ds:DigestMethod>

<ds:DigestValue>257Jsyw6U4I10+orEfF29viI1mo=</ds:DigestValue>

</ds:Reference>

</ds:SignedInfo>

<ds:SignatureValue>

fU0jE7ABUnZLozu4/JthEe7GPCXhAmNFAPKwhoQF28GZxD2iB+Oe9XX0VSGh3IBfQXyfX+TKO+rL

BqE9N4IaXbQAxnjUL7jvsy/WMgXxOseAr07zb4BVhO4YOn0p5sDW0ZcPWNtwY+VtJLIpYRChKoxm

4Jl7sLgveHibEHTH0ZU=

</ds:SignatureValue>

</ds:Signature><Status><StatusCode
Value="samlp:Success"></StatusCode></Status><Assertion
xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
AssertionID="_9bc1e8fd9083136b2c3ddcda7ddae5d4"
IssueInstant="2005-12-09T08:37:37.494Z" Issuer="http://www.opensaml.org";
MajorVersion="1" MinorVersion="0"><Conditions
NotBefore="2005-12-09T08:37:37.431Z"
NotOnOrAfter="2005-12-09T08:38:37.431Z"><AudienceRestrictionCondition><Audience>http://www.opensaml.org</Audience></AudienceRestrictionCondition></Conditions><AuthenticationStatement
AuthenticationInstant="2005-12-09T08:37:37.431Z"
AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password"><Subject><NameIdentifier>u2222222</NameIdentifier><SubjectConfirmation><ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</ConfirmationMethod></SubjectConfirmation></Subject><SubjectLocality
DNSAddress="d:\cork.jks"
IPAddress="d:\cork.jks"></SubjectLocality></AuthenticationStatement><AttributeStatement><Subject><NameIdentifier>u2222222</NameIdentifier><SubjectConfirmation><ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</ConfirmationMethod></SubjectConfirmation></Subject><Attribute
AttributeName="EmpUID" AttributeNamespace="cork"><AttributeValue
xsi:type="xsd:string">1</AttributeValue></Attribute></AttributeStatement></Assertion></Response>





Archive powered by MHonArc 2.6.16.

Top of Page