mace-opensaml-users - Re: [OpenSAML] Saml error - Element 'Signature' is not valid for content model
Subject: OpenSAML user discussion
List archive
- From: "Tom Scavo" <>
- To:
- Subject: Re: [OpenSAML] Saml error - Element 'Signature' is not valid for content model
- Date: Mon, 28 Apr 2008 13:15:58 -0400
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=Xf5N448DAxI/UAoINWSYsskhlcAaHNpFamn0QPdy+z57mVuFs1Lw7Z1vgybmDZ3kRIvD46ALq5oArLmtY19gsrR/CdhcvAamR1HPldkIISBXwcS1O29ljIEA8LUHLbnGSK5IREn56TT8hHsCabenfqeL61rSNolfeB8mEwr7Zek=
I believe the <Signature> element is the last child element of the
<Assertion> element. Check the schema.
Tom
On Fri, Apr 25, 2008 at 11:44 AM, Patrick Krug
<>
wrote:
>
> I am having a problem with my saml implementation. I have implemented
> my saml 1.1 using c# on windows. The vendors saml implementation is using
> the opensaml programs.
> What am I doing wrong?
>
> The error message on the vendors side is : XML::Parser detected an error
> during parsing: Element 'Signature' is not valid for content model
>
>
> <Response xmlns:ds=\"http://www.w3.org/2000/09/xmldsig#\"
> xmlns=\"urn:oasis:names:tc:SAML:1.0:protocol\"
> IssueInstant=\"2008-04-25T11:25:50Z\" MajorVersion=\"1\" MinorVersion=\"1\"
> Recipient=\"https://clinician.emdeon.com\"
> ResponseID=\"piiabmlphankocfbhhbhcomieogpcnaeilhclbbi\"
> xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\"
> xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\"
> xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\"
> xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><Signature
> xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod
> Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#\" /><SignatureMethod
> Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\" /><Reference
> URI=\"\"><Transforms><Transform
> Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"
> /><Transform
> Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#WithComments\"><InclusiveNamespaces
> PrefixList=\"#default saml samlp ds xsd xsi code kind rw typens\"
> xmlns=\"http://www.w3.org/2001/10/xml-exc-c14n#\"
> /></Transform></Transforms><DigestMethod
> Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"
> /><DigestValue>azbO17QKL8uQiwyg5CAPueZj3pk=</DigestValue></Reference></SignedInfo><SignatureValue>E6k88bQKCinDEyLe1Pz0EHxCmo4vmZnmqu9ceUbnHI///yNqe2zaFSm4xWPhTk61M9zTzLwBTuS+/xgjbIvEDnPl6FXreXF00P5wx+z/O2uAwwKpOtJb5UmVmJgcixBS0bt9h0TkI/7oLTJ1PgbIROM2jig+Ue9UaI4lvbJ5zP0=</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIBuTCCASKgAwIBAgIESAO9iDANBgkqhkiG9w0BAQQFADAhMR8wHQYDVQQDExZCYXB0aXN0IE1lZGljYWwgQ2VudGVyMB4XDTA4MDQxNDIwMjQ0MFoXDTE4MDQxMjIwMjQ0MFowITEfMB0GA1UEAxMWQmFwdGlzdCBNZWRpY2FsIENlbnRlcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvR30OZ5RDbcK0RjtPbGx5QizNlvsCfCyYkz6DiUIF7K/qAB6mqdVNr8VFQP8DngeJBUHi6Z3Y/B+SCQC3teJvocQRlVCz2lIY4dNCpmhHMTBjtz+yxuMtc77NEPNkK2aqWXLbIeYNDekcR1wbQltzIs9y+/1Y2j1KAIcV5HIKcCAwEAATANBgkqhkiG9w0BAQQFAAOBgQBUtHmdPXOkMU5GCJACdXwv+KylaS5zowMZ89V0JTuQGhIuSymsW8kKd7LluI2zQ3sdVCx4NE3/jYISTGlM01AJGJReBoDFkIaeozJ2t2Qch34mQ7L0SIrtUEUeBpIBmeS92NGQEKpHdDF/on+a92IooGnrNcYaEPh7zyOEBMuldg==</X509Certificate></X509Data></KeyInfo></Signature><Status><StatusCod
e
> Value=\"samlp:Success\" /></Status><Assertion
> xmlns=\"urn:oasis:names:tc:SAML:1.0:assertion\" AssertionID=\"tag1\"
> IssueInstant=\"2008-04-25T11:25:51Z\" Issuer=\"Baptist Medical Center\"
> MajorVersion=\"1\" MinorVersion=\"1\"
> xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\"
> xmlns:samlp=\"urn:oasis:names:tc:SAML:1.0:protocol\"
> xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\"
> xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"><Signature
> xmlns=\"http://www.w3.org/2000/09/xmldsig#\"><SignedInfo><CanonicalizationMethod
> Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\"
> /><SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"
> /><Reference URI=\"\"><Transforms><Transform
> Algorithm=\"http://www.w3.org/2000/09/xmldsig#enveloped-signature\"
> /><Transform
> Algorithm=\"http://www.w3.org/2001/10/xml-exc-c14n#WithComments\"><InclusiveNamespaces
> PrefixList=\"#default saml samlp ds xsd xsi code kind rw typens\"
> xmlns=\"http://www.w3.org/2001/10/xml-exc-c14n#\"
> /></Transform></Transforms><DigestMethod
> Algorithm=\"http://www.w3.org/2000/09/xmldsig#sha1\"
> /><DigestValue>/Y3/FsMUrUiE+Kj6WKbejGoQkRo=</DigestValue></Reference></SignedInfo><SignatureValue>mWwvz8Ts8PGMOwHWI0Om3xtr6WYFpk/H9+IPp4mujA7WkqAE5LUWCRGjJZHvb/jq6BDOM7DJcBmqZx49+R6HOKaBQxWbAC6mplz4hyZj6g8rgPtNuDRZJPejQV27+u9yMxjr3qGv61OS+LlkrMGqTUSrTb9MnYT+3pf6so8WyMM=</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIBuTCCASKgAwIBAgIESAO9iDANBgkqhkiG9w0BAQQFADAhMR8wHQYDVQQDExZCYXB0aXN0IE1lZGljYWwgQ2VudGVyMB4XDTA4MDQxNDIwMjQ0MFoXDTE4MDQxMjIwMjQ0MFowITEfMB0GA1UEAxMWQmFwdGlzdCBNZWRpY2FsIENlbnRlcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvR30OZ5RDbcK0RjtPbGx5QizNlvsCfCyYkz6DiUIF7K/qAB6mqdVNr8VFQP8DngeJBUHi6Z3Y/B+SCQC3teJvocQRlVCz2lIY4dNCpmhHMTBjtz+yxuMtc77NEPNkK2aqWXLbIeYNDekcR1wbQltzIs9y+/1Y2j1KAIcV5HIKcCAwEAATANBgkqhkiG9w0BAQQFAAOBgQBUtHmdPXOkMU5GCJACdXwv+KylaS5zowMZ89V0JTuQGhIuSymsW8kKd7LluI2zQ3sdVCx4NE3/jYISTGlM01AJGJReBoDFkIaeozJ2t2Qch34mQ7L0SIrtUEUeBpIBmeS92NGQEKpHdDF/on+a92IooGnrNcYaEPh7zyOEBMuldg==</X509Certificate></X509Data></KeyInfo></Signature><Conditions
> NotBefore=\"2008-04-24T11:25:51Z\"
> NotOnOrAfter=\"2008-04-26T11:25:51Z\"><AudienceRestrictionCondition><Audience>http://www.opensaml.org</Audience></AudienceRestrictionCondition></Conditions><AuthenticationStatement
> AuthenticationInstant=\"2008-04-25T11:25:52Z\"
> AuthenticationMethod=\"urn:oasis:names:tc:SAML:1.0:am:password\"><Subject
> xmlns=\"urn:oasis:names:tc:SAML:1.0:assertion\"><NameIdentifier>pkrug001</NameIdentifier><SubjectConfirmation><ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</ConfirmationMethod></SubjectConfirmation></Subject></AuthenticationStatement></Assertion></Response>"
>
>
>
>
>
>
- Saml error - Element 'Signature' is not valid for content model, Patrick Krug, 04/25/2008
- Re: [OpenSAML] Saml error - Element 'Signature' is not valid for content model, Tom Scavo, 04/28/2008
- Re: [OpenSAML] Saml error - Element 'Signature' is not valid for content model, Brent Putman, 04/28/2008
- Re: [OpenSAML] Saml error - Element 'Signature' is not valid for content model, Kurt Werner, 04/28/2008
- RE: [OpenSAML] Saml error - Element 'Signature' is not valid for content model, Patrick Krug, 04/28/2008
- RE: [OpenSAML] Saml error - Element 'Signature' is not valid for content model, Scott Cantor, 04/28/2008
- RE: [OpenSAML] Saml error - Element 'Signature' is not valid for content model, Patrick Krug, 04/28/2008
Archive powered by MHonArc 2.6.16.