Does anyone have any experience with this that they might be able to point me in the right direction?So, new job... I've been tasked with implementing SSO using SAML 1.1. The client provided a document that gives an example of the Response object that will be forwarded into our site when a user goes to login. I'm trying to figure out how to validate the XML that I'm given so that I don't blindly trust that the document hasn't been modified in some way or just faked.I have the keys (DigestValue and SignatureValue), but when I try to do a sha1 of the xml (minus all the parts in the <Signature></Signature> section, the hash doesn't match.
---------------------------------------------------
PLUG-discuss mailing list - PLUG-discuss@lists.phxlinux.org
To subscribe, unsubscribe, or to change your mail settings:
http://lists.phxlinux.org/mailman/listinfo/plug-discuss