[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Verifying SAML SSO responses...
Hello all, I'm writing a SAML security filter for a Erlang Yaws server we are developing. I'm to the point where I have a SAMLResponse in response to a Auth request. At the moment I'm using a simplesamlphp instance as an Idp. I've been reading the processing rules in the OASIS saml-profiles-2.0-os spec (4.1.4.3), however I'm confused by line 574 which says to verify any signatures present in the assertion(s). I see the signatures in the response XML, however I don't know what I need to do to very the "signatures". Can someone explain, or point me to a resource? I do have all the OASIS specs, and have read them several times, but I don't recall seeing where this was explained. Its a brave new world. ;-) Thanks, -PWM
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]