[
https://jira.jboss.org/jira/browse/JBID-162?page=com.atlassian.jira.plugi...
]
Anil Saldhana commented on JBID-162:
------------------------------------
Marcel, I knew about this issue. I was trying to figure out how SAML POST binding ensured
signatures apart from the signatures in the SAML messages. The signatures in saml
messages is bit dependent on JBID-164
signature encoding/decoding not correct for HTTP_POST binding
-------------------------------------------------------------
Key: JBID-162
URL:
https://jira.jboss.org/jira/browse/JBID-162
Project: JBoss Identity
Issue Type: Bug
Components: Identity-Federation
Affects Versions: IDFED-1.0.0.alpha5
Reporter: Marcel Kolsteren
Assignee: Anil Saldhana
An interoperability test between a JBID-based Service Provider and an OpenSSO-based
Identity Provider revealed a problem with the signature encoding/decoding in JBID. When
posting a message, JBID places the signature and the signature algorithm in separate
hidden fields in the form. According to the SAMLv2 spec, this is not correct. When using
HTTP-POST binding, the signature should be encoded as part of the XML message
(<ds:Signature> element). Separate encoding of the signature is intended for the
HTTP-Redirect profile only (because of space concerns).
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira