mace-opensaml-users - RE: [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?
Subject: OpenSAML user discussion
List archive
RE: [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?
Chronological Thread
- From: "Cantor, Scott E." <>
- To: "" <>
- Subject: RE: [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?
- Date: Thu, 28 Apr 2011 14:46:16 +0000
- Accept-language: en-US
> I extracted singing certificate from Identity Provider and installed it in
> the
> relying party. I used the following code to validate the signature. Does
> signatureValidator.validate(signature) also validate the expiration date of
> the certificate or I have to write my own code to check if the certificate
> is
> expired?
The goal of the validator is to verify the signature. Trust management (doing
anything with the certificate) is separate. There is an extensive body of
code for that, and we suggest you abandon any notions of certificate
evaluation in favor of using SAML metadata for key comparison.
-- Scott
- [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?, Gina Choi, 04/28/2011
- Re: [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?, Paul Hethmon, 04/28/2011
- RE: [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?, Cantor, Scott E., 04/28/2011
- RE: [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?, Gina Choi, 04/28/2011
- Re: [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?, Paul Hethmon, 04/28/2011
- RE: [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?, Cantor, Scott E., 04/28/2011
- Re: [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?, Brent Putman, 04/28/2011
- RE: [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?, Gina Choi, 04/28/2011
- RE: [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?, Cantor, Scott E., 04/28/2011
- RE: [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?, Gina Choi, 04/28/2011
- Re: [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?, Michael Kjorling, 04/29/2011
- RE: [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?, Cantor, Scott E., 04/28/2011
- RE: [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?, Gina Choi, 04/28/2011
- RE: [OpenSAML] How to validate signing certificate of the SAML token in the relaying party?, Gina Choi, 04/28/2011
Archive powered by MHonArc 2.6.16.