OpenSAML user discussion

[Patrick Krug <>]

I switched back to my java version using the opensaml java code.  The company that I am sending the saml to says that they are receiving the following error on their side.
 

[date = 5/9/2008 08:59:05.443AM][orb = GSA_CERT_PS][txid = 544752][host = c-hestia][msg = caught a SAML exception: <Status xmlns="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"><StatusCode Value="samlp:Responder"/><StatusMessage>failed to verify signature value: $1</StatusMessage><StatusDetail xmlns:opensaml="http://www.opensaml.org"><opensaml:ExceptionClass>org.opensaml.InvalidCryptoException</opensaml:ExceptionClass><opensaml:Param Name="1">RSA Validation of &lt;SignedInfo&gt; failed</opensaml:Param></StatusDetail></Status>]

 

 

I resent them the cert thinking that might be the reason but it still fails.   Any ideas?

---

From:
To: ;
Date: Fri, 2 May 2008 14:13:16 -0400
Subject: RE: [OpenSAML] Saml error - Element 'Signature' is not valid for content model

No problem.   I have a couple of versions now.   2 in c# using different tool kits and 1 in java using opensaml.   The opensaml one works but only in dev.   I guess I will hopefully finish this next week.  Thanks for your input.

> From:
> To: ;
> Date: Fri, 2 May 2008 13:07:51 -0400
> Subject: RE: [OpenSAML] Saml error - Element 'Signature' is not valid for content model
>
> > I am using the SourceID.Net toolkit implementation. What the
> SourceID.Net
> > implemenation did not implement was the signing of the Assertion.
>
> Oops. I wouldn't have suggested it if I had known, sorry. That's kind of 95%
> of the point of using a toolkit, signing's the hard part.
>
> -- Scott
>
>