mace-opensaml-users - Re: Sigining of Assertion instead of Response
Subject: OpenSAML user discussion
List archive
- From: "Tom Scavo" <>
- To:
- Subject: Re: Sigining of Assertion instead of Response
- Date: Mon, 15 Jan 2007 10:23:01 -0500
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=VLnluB5uot8uThImz+mGarA0L0r0pK49Jz4DqIYkmxjkm0SpR4Yg35lcsOr8POuQHSBMGwBGpGXaxAlIOCdlO8nrS26xwDRm8WsvqUAvNPFicwFOrAW1rrwlED0MxzUeEfin2K0H8cQR/yETK7naX49FmcN+0cBagkBER4fSwRQ=
On 1/15/07, Andreas Vallen
<>
wrote:
The version of the Sun Access Manager product that we test our opensaml-based
IDP against,
expects the Assertion element instead of the Response element to be signed
(in the case of
successfull Responses).
This is clearly a Access Manager bug - it should work either way.
FYI, a Shibboleth SP (which is based on OpenSAML) communicates its
desire for signed assertions via metadata:
<md:SPSSODescriptor
WantAssertionsSigned="true"
protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
So now I'm curious ;-) does Sun Access Manager produce SAML metadata,
and does your IdP consume it?
Tom
- Sigining of Assertion instead of Response, Andreas Vallen, 01/15/2007
- Re: Sigining of Assertion instead of Response, Tom Scavo, 01/15/2007
- Re: Sigining of Assertion instead of Response, Andreas Vallen, 01/15/2007
- Re: Sigining of Assertion instead of Response, Tom Scavo, 01/15/2007
- Re: Sigining of Assertion instead of Response, Andreas Vallen, 01/16/2007
- Re: Sigining of Assertion instead of Response, Tom Scavo, 01/15/2007
- Re: Sigining of Assertion instead of Response, Andreas Vallen, 01/15/2007
- RE: Sigining of Assertion instead of Response, Scott Cantor, 01/15/2007
- Re: Sigining of Assertion instead of Response, Andreas Vallen, 01/16/2007
- Re: Sigining of Assertion instead of Response, Tom Scavo, 01/16/2007
- RE: Sigining of Assertion instead of Response, Scott Cantor, 01/16/2007
- Re: Sigining of Assertion instead of Response, Andreas Vallen, 01/16/2007
- RE: Sigining of Assertion instead of Response, Scott Cantor, 01/16/2007
- Re: Sigining of Assertion instead of Response, Andreas Vallen, 01/16/2007
- Re: Sigining of Assertion instead of Response, Andreas Vallen, 01/16/2007
- Re: Sigining of Assertion instead of Response, Tom Scavo, 01/15/2007
Archive powered by MHonArc 2.6.16.