mace-opensaml-users - [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?
Subject: OpenSAML user discussion
- From: Gina Choi <>
- Subject: [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?
- Date: Thu, 28 Apr 2011 10:35:28 -0400 (EDT)
I extracted the signing certificate from the Identity Provider and installed it in the
relying party. I used the following code to validate the signature. Does
signatureValidator.validate(signature) also validate the expiration date of
the certificate, or do I have to write my own code to check if the certificate is
expired?
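
    import java.io.File;
    import java.io.FileInputStream;
    import java.security.KeyFactory;
    import java.security.PublicKey;
    import java.security.cert.CertificateFactory;
    import java.security.cert.X509Certificate;
    import java.security.spec.X509EncodedKeySpec;
    import org.opensaml.xml.security.x509.BasicX509Credential;
    import org.opensaml.xml.signature.SignatureValidator;

    // load the IdP signing certificate from disk
    File certificateFile = new File("C:\\ginashare\\adfs_token_trust.cer");
    FileInputStream certInputStream = new FileInputStream(certificateFile);
    CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
    X509Certificate certificate =
            (X509Certificate) certificateFactory.generateCertificate(certInputStream);
    certInputStream.close();

    // pull out the public key part of the certificate into a KeySpec
    X509EncodedKeySpec publicKeySpec =
            new X509EncodedKeySpec(certificate.getPublicKey().getEncoded());
    KeyFactory keyFactory = KeyFactory.getInstance("RSA");

    // generate public key to validate signatures
    PublicKey publicKey = keyFactory.generatePublic(publicKeySpec);

    // create credentials
    BasicX509Credential publicCredential = new BasicX509Credential();

    // add public key value
    publicCredential.setPublicKey(publicKey);

    // create SignatureValidator and check the signature against the key
    SignatureValidator signatureValidator = new SignatureValidator(publicCredential);
    signatureValidator.validate(signature);
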
Thanks.
Gina
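
Added example, not part of the original message and not OpenSAML project code: the credential built above carries only the public key, so the validator is given no certificate dates to examine, and the validity period has to be checked on the X509Certificate itself with the JDK's checkValidity(). The class and method names are hypothetical, and the OpenSAML 2.x package names are assumed.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Date;
import java.util.concurrent.TimeUnit;

import org.opensaml.xml.security.x509.BasicX509Credential;
import org.opensaml.xml.signature.Signature;
import org.opensaml.xml.signature.SignatureValidator;
import org.opensaml.xml.validation.ValidationException;

// Added example; class and method names are hypothetical.
public class PinnedCertSignatureCheck {

    // Load the IdP signing certificate installed at the relying party.
    static X509Certificate loadCertificate(String path) throws Exception {
        try (InputStream in = new FileInputStream(path)) {
            return (X509Certificate) CertificateFactory.getInstance("X.509")
                    .generateCertificate(in);
        }
    }

    // Returns whole days left until notAfter; throws if either check fails.
    static long validate(Signature signature, X509Certificate cert, Date now)
            throws CertificateException, ValidationException {
        // Validity period: throws CertificateExpiredException or
        // CertificateNotYetValidException when 'now' is outside notBefore..notAfter.
        cert.checkValidity(now);

        // Signature: same credential setup as in the message above.
        BasicX509Credential credential = new BasicX509Credential();
        credential.setPublicKey(cert.getPublicKey());
        new SignatureValidator(credential).validate(signature);

        // Remaining lifetime, so the caller can alert before the certificate lapses.
        return TimeUnit.MILLISECONDS.toDays(cert.getNotAfter().getTime() - now.getTime());
    }
}
```

This covers the validity dates only; it does not check revocation or build a certificate chain.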