Subject: OpenSAML user discussion
List archive
- From: murali mca <>
- To:
- Subject: Re: [OpenSAML] SAML signature validation
- Date: Tue, 15 Dec 2009 21:28:31 +0530 (IST)
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.co.in; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type; b=djHtpF0M671oy55kYOYLURQvp5uOlAvlKh0llml3dPj7WHrOPtCOgcA4XBXX6cg8FoetOGYJff8+EGKWgBjS5YhHjDbqKsTEAkqxMSEWpNSxvzb60emXEL0cRL0AUlx7HNDRFWRBGc8oZQqPIU+C9zqo0g7z9UNvs/ZHXQ/N4WE=;
Hi
I am trying to validate the SAML signature received from the IdentityProvider.The signature validation is always getting failed.So I want to print the digest value and compare it with actual digest value.
I have enabled the "DEBUG" level for logging(using slf4j), but could not see any thing related digestvalue in the logs.
Can some one suggest me how to accomplish this?
Thanks,
Regards,
Murali
--- On Fri, 27/11/09, murali mca <> wrote:
From: murali mca <> Subject: Re: [OpenSAML] SAML signature validation To: Date: Friday, 27 November, 2009, 5:10 AM
Thanks for clear explanation.
I was using Prettyprint in my code. I removed that and gave another try to validate the signature. This time I encountered below error:
java.lang.RuntimeException: org.apache.xml.security.signature.XMLSignatureException: object not initialized for signature or verification
Original Exception was java.security.SignatureException: object not initialized for signature or verification
org.apache.xml.security.utils.SignerOutputStream.write(Unknown Source)
org.apache.xml.security.utils.UnsyncBufferedOutputStream.flushBuffer(Unknown Source)
org.apache.xml.security.utils.UnsyncBufferedOutputStream.flush(Unknown Source)
org.apache.xml.security.utils.UnsyncBufferedOutputStream.close(Unknown Source)
org.apache.xml.security.c14n.implementations.CanonicalizerBase.engineCanonicalizeSubTree(Unknown Source)
org.apache.xml.security.c14n.implementations.Canonicalizer20010315Excl.engineCanonicalizeSubTree(Unknown Source)
org.apache.xml.security.c14n.implementations.Canonicalizer20010315Excl.engineCanonicalizeSubTree(Unknown Source)
org.apache.xml.security.c14n.Canonicalizer.canonicalizeSubtree(Unknown Source)
org.apache.xml.security.signature.SignedInfo.signInOctectStream(Unknown Source)
org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown Source)
org.opensaml.xml.signature.SignatureValidator.validate(SignatureValidator.java:68)
com.aviva.tam.pmi.ValidateSAML2Signature.signatureValidator(ValidateSAML2Signature.java:171)
org.apache.jsp.service_005fprovider_jsp._jspService(service_005fprovider_jsp.java:241)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:384)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:320)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:266)
javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
org.netbeans.modules.web.monitor.server.MonitorFilter.doFilter(MonitorFilter.java:196)
Please suggest. Many Thanks, Murali
|
The INTERNET now has a personality. YOURS! See your Yahoo! Homepage.
|
The INTERNET now has a personality. YOURS!
See your Yahoo! Homepage.
- Re: [OpenSAML] SAML signature validation, murali mca, 12/15/2009
Archive powered by MHonArc 2.6.16.