OpenSAML user discussion

Text archives Help


RE: [opensaml2.0]Validating XML Signature


Chronological Thread 
  • From: "Scott Cantor" < >
  • To: < >
  • Subject: RE: [opensaml2.0]Validating XML Signature
  • Date: Tue, 5 Feb 2008 12:54:25 -0500
  • Organization: The Ohio State University

> It's valid. An ID just has to be a string (with a few character
> limits), not a URI or anything. So that's valid. This error is almost
> certainly screwing up the XML before the library gets it.

No, I just checked, it's not legal.

http://www.w3.org/TR/1999/REC-xml-names-19990114/#NT-NCName

Anybody accepting that as an ID has broken code. Of course, absent schema
processing, lots of ID code is brute forced and it might work by accident,
even in OpenSAML.

But somebody should inform the producer of that SAML that their code is
wrong regardless.

-- Scott





Archive powered by MHonArc 2.6.16.

Top of page