stackoom
  简体   繁体   中英

Validate SAML Assertion against Credential - opensaml 3

 原文  2017-03-03 18:27:23       java/ validation/ saml-2.0/ opensaml

Question

I've validated the signature using SAMLSignatureProfileValidator but from my understanding when I validate a signature using this, it only makes sure the response hasn't been tampered with. Ie it checks the structure of the signature to make sure it is well formatted.

How do I validate the SAML Assertion using the publicKey of a certificate I have from the IdP or a credential? Do I have to manually locate the certificate node and compare the value...? I am using OpenSAML3 and there is no SignatureValidator so I can't pass in the pub key.

1 answers

solution1
 2 ACCPTED  2017-03-03 21:22:09

The Signature validator in OpenSAML V3 is no longer instantiated but instead a static method on SignatureValidator is used for validation. Use the SignatureValidator.validate method to validate the signature.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question SAML Assertion Validation using OpenSAML 3 SAML Spring Sample: Signature did not validate against the credential's key Create SAML 2.0 assertion by existing element in OpenSAML How to validate (azure) saml xml response with opensaml? Decrypting encrypted assertion using SAML 2.0 in java using OpenSAML How to create a valid SAML 2.0 Assertion with OpenSAML library in Java Unable to validate SAML assertion with ColdFusion GAE + SAML + JAVA + OpenSAML SAML marshalling opensaml and java Converting assertion to string in OpenSAML 4
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM