Skip to Content.
Sympa Menu

mace-opensaml-users - RE: [JOS-5] fail to validate saml xml since missing excusive c14n schema

Subject: OpenSAML user discussion

List archive

RE: [JOS-5] fail to validate saml xml since missing excusive c14n schema


Chronological Thread 
  • From: "Scott Cantor" <>
  • To: <>
  • Subject: RE: [JOS-5] fail to validate saml xml since missing excusive c14n schema
  • Date: Fri, 29 Feb 2008 20:53:07 -0500
  • Organization: The Ohio State University

> After investigation, I found out that the BinarySecurityToken of my
outbound
> message is not signed. I could not find in the specs that this item needed
> to be signed as well??

A SAML assertion isn't a BinarySecurityToken, so this isn't an OpenSAML
qustion. And I don't know what specs you mean.

> In addition, apparently, their web service expects the xml statement:
> <exc14n:InclusiveNamespaces
xmlns:exc14n="http://www.w3.org/2001/10/xml-exc-
> c14n#" PrefixList="" /> inside the Transform tag of references:

An empty list is meaningless, there's no reason to require it.

> Is that really needed and if it is, is it related to the bug JOS-5. If it
> is, how can I patch my opensaml? Basically, I am looking for a workaround.

It's not related, and there is no workaround. If you want to make it include
that element, that would be up to you.

-- Scott





Archive powered by MHonArc 2.6.16.

Top of Page