mace-opensaml-users - RE: Verify a SAML token
Subject: OpenSAML user discussion
List archive
- From: "Scott Cantor" <>
- To: <>
- Subject: RE: Verify a SAML token
- Date: Thu, 24 May 2007 17:27:01 -0400
- Organization: The Ohio State University
> I there a convenient way to use OpenSAML to verify the SAML token.
> SAMLAssertion.validate() seems only to check XML characteristics.
> Do you know a tutroial?
There is no documentation for OpenSAML 1 and the small bit of 2.0 docs are
out of date at the moment in this area. There is no method I can recall by
that name with that class name, so I don't know what version you're using
here.
1.x includes verify methods on the SAMLSignedObject class for examining
signatures. Trust is out of scope.
2.0 includes a more comprehensive API but it's still getting finished, in
Java anyway.
Validators in 2.0 can do anything, XML rules are merely one option. I
believe the raw signature checks are still handled with a validator object,
apart from the higher level trust engine APIs.
-- Scott
- Verify a SAML token, Tom Dinkelaker, 05/24/2007
- RE: Verify a SAML token, Scott Cantor, 05/24/2007
- RE: Verify a SAML token, George Stanchev, 05/24/2007
Archive powered by MHonArc 2.6.16.