Skip to Content.
Sympa Menu

mace-opensaml-users - RE: [OpenSAML] RE: SAML1.1 response signature validation fails but assertion signature validation passes

Subject: OpenSAML user discussion

List archive

RE: [OpenSAML] RE: SAML1.1 response signature validation fails but assertion signature validation passes


Chronological Thread 
  • From: "Scott Cantor" <>
  • To: <>
  • Subject: RE: [OpenSAML] RE: SAML1.1 response signature validation fails but assertion signature validation passes
  • Date: Mon, 17 Nov 2008 14:04:11 -0500
  • Organization: The Ohio State University

> [Pantvaidya, Vishwajit] Attaching the log I got by turning debug on for
the
> digester on the validation side.

You have to compare the two sides.

> I see only the assertion signature and its
> digest but not the response signature and its digest in the messages.

The response digest can't contain the response signature for reasons that
should be fairly clear. It doesn't get far enough to compute the signature
because the reference already failed.

-- Scott





Archive powered by MHonArc 2.6.16.

Top of Page