OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

saml-dev message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: SV: [saml-dev] AuthnRequest - what exactly is signed


I'm using the HTTP Redirect Binding.
The part about the concatenation of the 3 strings is from the
description about the DEFLATE encoding in the bindings document.


-----Oprindelig meddelelse-----
Fra: Scott Cantor [mailto:cantor.2@osu.edu] 
Sendt: 29. februar 2008 16:40
Til: Hellan.Kim KHE; 'SAML Developers'
Emne: RE: [saml-dev] AuthnRequest - what exactly is signed

> I'm new to SAML and have to make a simple client. I'm starting with
> AuthnRequest and have the following data that I need to send to the

With what binding?

> If I read the standard correctly, each of these 3 parameters needs to
> URL-encoded and then concatenated into a string, so it should look
> something like this:

There's no binding that would match, so no, that's wrong.

> Is it correct, that it is the entire string as shown above that is
> signed, and then the signature is posted in the Signature parameter?

Signing is binding dependent. For a redirect, yes, you sign all of those
parameters, but you don't have the message encoded correctly.

-- Scott

www.kmd.dk   www.kundenet.kmd.dk   www.e-Boks.dk    www.organisator.dk

Hvis du har modtaget denne mail ved en fejl vil jeg gerne, at du informerer mig og sletter den.
KMD skaber it-services, der fremmer effektivitet hos det offentlige, erhvervslivet og borgerne.

If you received this e-mail by mistake, please notify me and delete it. Thank you.
Our mission is to enhance the efficiency of the public sector and improve its service to the general public. 

KMD A/S l Lautrupparken 40-42 l DK-2750 Ballerup l CVR-nr. 26911745 

KMD er medlem af IT-Branchen, Dansk Erhverv, samt anmeldt til Datatilsynet som edb-servicevirksomhed. KMD er certificeret i henhold til ISO 9001:2000, med Dansk Standard som certificerende organ, Microsoft Gold Certified Partner, Certificeret SAP Hosting Center.

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]