Skip to Content.
Sympa Menu

mace-opensaml-users - RE: Xerces 2.8.1 and Xalan 2.7.0 with OpenSAML 1.1

Subject: OpenSAML user discussion

List archive

RE: Xerces 2.8.1 and Xalan 2.7.0 with OpenSAML 1.1


Chronological Thread 
  • From: "Scott Cantor" <>
  • To: <>
  • Subject: RE: Xerces 2.8.1 and Xalan 2.7.0 with OpenSAML 1.1
  • Date: Tue, 31 Jul 2007 20:53:49 -0400

> OK, I was able to isolate the problem to the line
> r.verify(ks.getCertificate(alias));

The later version can't verify a signature without a reparse, it doesn't
construct the signature objects adequately when signing something. The line
doesn't help anything in the test, other than point out the bug. Somebody
could probably fix the SAMLSignedObject class to try and compensate. I have
a flag that tracks whether the signature object came from a parse or not, at
a minimum it could check the flag and throw a more understandable error.

-- Scott





Archive powered by MHonArc 2.6.16.

Top of Page