mace-opensaml-users - Re: [OpenSAML] Signature problems
Subject: OpenSAML user discussion
List archive
- From: Brent Putman <>
- To: "" <>
- Cc:
- Subject: Re: [OpenSAML] Signature problems
- Date: Thu, 06 Nov 2008 12:12:55 -0500
This sounds like the Apache xmlsec issue that effectively disallows you
from signing then verifying (or vice versa) for the same algorithm in a
given thread. Check whether you are doing something along those lines.
If it's not that exact issue, it's at least something similar, due to
some rather questionable optimizations in Apache xmlsec.
See:
https://mail.internet2.edu/wws/arc/mace-opensaml-users/2008-09/msg00011.html
and especially the Apache bug report referenced from there:
https://issues.apache.org/bugzilla/show_bug.cgi?id=44204
wrote:
> Hi, we have to read and modify an SAMLResponse.
>
> //read SAMLResponse
> from a string
> Response response = (Response) responseUnmarsh.unmarshall
> (XMLUtils.parse("<samlp:Response>...</samlp:Response>").
> getDocumentElement());
>
> //modify SAMLResponse
> response.setInResponseTo
> ("...");
>
> //Recreate SAMLResponse
> new ResponseMarshaller().marshall
> (response);
>
> //Now, we have to computing the Signature Value
> Signature
> signature = response.getSignature();
> Signer.signObject(signature);
>
>
> But, Signer.signObject throws this exception
>
> Original Exception was
> java.security.SignatureException: object not initialized for signature
> or verification
> Where is the error?
>
>
> _______________________________________________________________
>
>
>
> Telefona e naviga senza limiti con Tiscali Voce 8 Mega a soli € 15 al mese
> per i primi 12 mesi. In seguito paghi € 29,90 al mese. Attiva entro il
> 6/11/08! http://abbonati.tiscali.it/promo/voce8mega/
>
- Signature problems, , 11/06/2008
- Re: [OpenSAML] Signature problems, Paul Hethmon, 11/06/2008
- Re: [OpenSAML] Signature problems, Brent Putman, 11/06/2008
Archive powered by MHonArc 2.6.16.