mace-opensaml-users - Re: Signing a SAML token

Subject: OpenSAML user discussion

List archive

Re: Signing a SAML token

From: Chad La Joie <>
To:
Subject: Re: Signing a SAML token
Date: Wed, 12 Mar 2008 16:58:30 +0100
Organization: SWITCH

SAML only requires that the assertion signature cover the assertion itself.

Benjamin Coiffe wrote:

Hi all,

I have read the specs but can't really figure out something. Does the
signature of a SAML token, with confirmation method set to
sender-vouches, needs to reference both the assertion and the binary
security token?

I ask this cause WebLogic 9.2 seems to require it and I don't understand
why?

Any help appreciated,
Thanks

Benjamin Coiffe

--
SWITCH
Serving Swiss Universities
--------------------------
Chad La Joie, Software Engineer, Security
Werdstrasse 2, P.O. Box, 8021 Zürich, Switzerland
phone +41 44 268 15 75, fax +41 44 268 15 68
,
http://www.switch.ch

Signing a SAML object, matthew . webb, 03/07/2008
- Re: Signing a SAML object, Brent Putman, 03/07/2008
  - Deploying opensaml 2.0 in Jboss 4.2.0, Singh, Manish, 03/14/2008
    - Re: Deploying opensaml 2.0 in Jboss 4.2.0, Chad La Joie, 03/14/2008
- <Possible follow-up(s)>
- Re: Re: Signing a SAML object, matthew . webb, 03/11/2008
  - Re: Signing a SAML object, Brent Putman, 03/11/2008
    - Re: Signing a SAML object, Chad La Joie, 03/12/2008
      - Re: Signing a SAML object, Brent Putman, 03/12/2008
      - Signing a SAML token, Benjamin Coiffe, 03/12/2008
        
        Re: Signing a SAML token, Chad La Joie, 03/12/2008
        
        Re: Signing a SAML token, Brent Putman, 03/12/2008
        
        RE: Signing a SAML token, Scott Cantor, 03/12/2008
        
        Message not available
        
        Re: Signing a SAML token, Brent Putman, 03/12/2008
        
        RE: Signing a SAML token, Scott Cantor, 03/12/2008

List archive

Re: Signing a SAML token