OpenSAML user discussion

["Scott Cantor" <>]

> [Pantvaidya, Vishwajit] Using OxygenXML, signature verification of the
> following response failed.
> Then I tried to verify the assertion signature using Oxygen - since that
> part worked for me in the opensaml java code. So I removed the outer
> response and saml status elements, leaving just the assertion. I did not
> change any content within the assertion element - so this should not
> invalidate the original signature right? But even the assertion signature
> verification failed with OxygenXML. So is the OxygenXML saml response
> verification failure meaningful?

It means you changed the XML.

> The saml response I used is posted herewith:

That's pretty printed. There's no way that will work. You understand that a
single additional or missing whitespace character will break the signature,
right?

-- Scott