mace-opensaml-users - Re: [OpenSAML] Validate Signature sent via HTTPRedirect
Subject: OpenSAML user discussion
List archive
- From: "Cantor, Scott E." <>
- To: "" <>
- Subject: Re: [OpenSAML] Validate Signature sent via HTTPRedirect
- Date: Tue, 15 Feb 2011 03:18:01 +0000
- Accept-language: en-US
>
>I'm trying to validate a signature that is being sent along with a
>SAMLResponse to my service provider via the HTTPRedirect protocol binding.
If you're doing SSO, that's not legal (redirect is not a valid binding
with that leg of the profile), but regardless, redirect signatures are not
XML signatures and are not inside the XML, they're constructed from the
URL parameters. Refer to the binding specification.
-- Scott
- [OpenSAML] Validate Signature sent via HTTPRedirect, John Gonzales, 02/14/2011
- Re: [OpenSAML] Validate Signature sent via HTTPRedirect, Cantor, Scott E., 02/14/2011
- Re: [OpenSAML] Validate Signature sent via HTTPRedirect, John Gonzales, 02/14/2011
- Re: [OpenSAML] Validate Signature sent via HTTPRedirect, Cantor, Scott E., 02/14/2011
- Re: [OpenSAML] Validate Signature sent via HTTPRedirect, John Gonzales, 02/14/2011
- Re: [OpenSAML] Validate Signature sent via HTTPRedirect, Cantor, Scott E., 02/14/2011
Archive powered by MHonArc 2.6.16.