SAML 1.1 help

Top Page
Attachments:
Message as email
+ (text/plain)
+ (text/html)
+ (text/plain)
Delete this message
Reply to this message
Author: Kevin Brown
Date:  
To: plug-discuss
New-Topics: SAML 2.0 was Re: SAML 1.1 help
Subject: SAML 1.1 help
So, new job... I've been tasked with implementing SSO using SAML 1.1. The
client provided a document that gives an example of the Response object
that will be forwarded into our site when a user goes to login. I'm trying
to figure out how to validate the XML that I'm given so that I don't
blindly trust that the document hasn't been modified in some way or just
faked.
I have the keys (DigestValue and SignatureValue), but when I try to do a
sha1 of the xml (minus all the parts in the <Signature></Signature>
section, the hash doesn't match.
Does anyone have any experience with this that they might be able to point
me in the right direction?
---------------------------------------------------
PLUG-discuss mailing list -
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss