Skip to Content.
Sympa Menu

mace-opensaml-users - Re: Re: Re: [OpenSAML] OpenSAML SignatureValidator Issues!

Subject: OpenSAML user discussion

List archive

Re: Re: Re: [OpenSAML] OpenSAML SignatureValidator Issues!


Chronological Thread 
  • From:
  • To:
  • Subject: Re: Re: Re: [OpenSAML] OpenSAML SignatureValidator Issues!
  • Date: Sun, 9 Nov 2008 22:07:52 -0500 (EST)

Thanks Brent very much .The problem has been solved. :)

> Well, if you're sure you are validating with the right key, then it
> almost certainly must be the case that the SignedInfo element really has
> been modified since it was signed. You'll need to double-check the
> serialization process on the signer side, and the deserialization and
> unmarshalling process on the receiving side, to find out where and how.
> That's all I can tell you.

> Remember that any change to the signed document will cause the signature
> to fail, even something as trivial as addition or removal of whitespace.

I have double-checked my Saml Assertion, I found, the difference between
the Assertion from sender and the Assertion received at SP is the former had
more '/n' than the latter. I thought this was the reason of
SignatureValidator.validate(..) failed. Then I encoded the Saml Assertion
used Base64 before sending, just as expected, the
SignatureValidator.validate(..) passed.
Now I want to know whether the Assertion must be encoded before sending to
SP?



Archive powered by MHonArc 2.6.16.

Top of Page