OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: RE: [saml-dev] AuthnRequest - what exactly is signed

> I'm new to SAML and have to make a simple client. I'm starting with the
> AuthnRequest and have the following data that I need to send to the IdP:

With what binding?

> If I read the standard correctly, each of these 3 parameters needs to be
> URL-encoded and then concatenated into a string, so it should look
> something like this:

There's no binding that would match, so no, that's wrong.

> Is it correct, that it is the entire string as shown above that is
> signed, and then the signature is posted in the Signature parameter?

Signing is binding dependent. For a redirect, yes, you sign all of those
parameters, but you don't have the message encoded correctly.

-- Scott

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]