shibboleth-dev - RE: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature
Subject: Shibboleth Developers
List archive
- From: "Scott Cantor" <>
- To: <>
- Subject: RE: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature
- Date: Wed, 29 Oct 2008 11:22:17 -0400
- Organization: The Ohio State University
> I also noticed that question marks are inserted into the
> AttributeStatement, here:
>
> <saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema";
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> xsi:type="xs:string">Lantos ?d?m</saml:AttributeValue>
>
> These characters should be 'Ádám'... Maybe there are some character
> encoding issues here :s
Since Java handles Unicode as well as anything else does, if not better, it's
pretty likely the data was corrupted either on the way into the IdP via the
connector, or after it was sent to the SP. Can you pull it off the browser
form and dump that? Is it already corrupted by then?
I would think it has to be, since the IdP is apparently signing over
something else, otherwise the signature would still hold.
I don't think turning off push is going to help you, given that no other SP
is going to get attributes from you any other way. Queries are not widely
supported.
In general, debugging signature issues requires that you get access to the
internals of the failing implementation and dump digest inputs. Anything else
is just guessing.
-- Scott
- Shibboleth 2.0 IdP xml digital signature, Adam Lantos, 10/29/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Chad La Joie, 10/29/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Adam Lantos, 10/29/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Chad La Joie, 10/29/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Adam Lantos, 10/29/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Chad La Joie, 10/29/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Adam Lantos, 10/29/2008
- RE: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Scott Cantor, 10/29/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Kristof BAJNOK, 10/30/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Chad La Joie, 10/30/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Kristof BAJNOK, 10/30/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Chad La Joie, 10/30/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Adam Lantos, 10/30/2008
- RE: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Scott Cantor, 10/30/2008
- Message not available
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Adam Lantos, 10/30/2008
- RE: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Scott Cantor, 10/30/2008
- Message not available
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Adam Lantos, 10/30/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Kristof BAJNOK, 10/30/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Chad La Joie, 10/30/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Kristof BAJNOK, 10/30/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Chad La Joie, 10/29/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Adam Lantos, 10/29/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Chad La Joie, 10/29/2008
- Re: [Shib-Dev] Shibboleth 2.0 IdP xml digital signature, Kristof BAJNOK, 10/30/2008
Archive powered by MHonArc 2.6.16.