Announcement Announcement Module
Collapse
No announcement yet.
SAML HTTP_POST Binding Request Missing SigAlg Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • SAML HTTP_POST Binding Request Missing SigAlg

    Hello,

    When SP send authentication request using HTTP-POST binding to IDP, its missing

    1. Signature
    2. SigAlg,
    3. KeyInfo

    Currently its sending only SAMLRequest. And IDP and SP xml files AuthnRequestsSigned / WantAuthnRequestsSigned set to true.

    Is this anyone know how to send those parameters as part of the request?

    Thanks,
    Parthi

  • #2
    Hi Parthi,

    What you describe is not the HTTP POST binding (which uses message signature), but HTTP POST-SimpleSign Binding (which uses binding-level signature). SAML Extension only supports HTTP POST. You can file a feature request to Jira in case HTTP POST-SimpleSign is important for you.

    Cheers, Vladi

    Comment


    • #3
      Hi Vladimir,

      Thanks for the reply. And you gave me the right directions. Sorry!! for the late response because I have implemented Http-POST-SimpleSign binding and I have verified my code as well with third-party IDP provider.

      I would like to contribute to the community. Please let me know what is the process to send the changes.

      Thanks,
      Parthi

      Comment


      • #4
        Hi Parthi,

        You can open a new issue in Jira and submit a pull request with your code to GitHub.

        The message encoders and decoders are already implemented in OpenSAML (HTTPPostSimpleSignEncoder and HTTPPostSimpleSignDecoder). What needs to be done is creating a new binding class in the processor package, including it in the securityContext.xml, updating the MetadataGenerator, updating the sample app UI to support the binding and update the documentation. The binding class needs to use SAML2HTTPPostSimpleSignRule rule in the getSecurityPolicy method for verification of the signature.

        Br, Vladi

        Comment

        Working...
        X