OpenSAML user discussion

["Scott Cantor" <>]

> I am facing an issue with extracting SAML token (signed one). I am using
> SAML 1.0. My problem is - how do I refer to the saml token as the URI in
> ds:Reference element under the ds:Signature/ds:SignedInfo element ?

You can't, that's the problem with SAML 1.0. The token profile in WSS for
SAML 1.0 has specific rules for that (I think) and that's why they don't use
URI references in that case. Or maybe they just punted on SAML 1.0? Not
sure. IIRC you have to wrap the assertion in an STR and you reference that.

Anyway, my advice is don't use SAML 1.0.

-- Scott