thariyarox

Reputation: 464

How to validate SAML response and assertion signature using SimpleSAMLphp

I'm trying out the SimpleSAMLphp sample app with WSO2 Identity Server as the Identity Provider. I can successfully log in and log out. The SAML assertion and the response are signed.

I want to know how to validate the (response and assertion) signature in the client application using SimpleSAMLphp.

Upvotes: 2

Views: 686

Answers (1)

Marko Ivančić

Reputation: 305

When acting as a Service Provider (SP), SimpleSAMLphp will always validate the response signature by default, so you don't have to do it yourself. This is mandated by 'saml2int', so I guess it conforms to that (in SAML2Core it is only recommended).

You can check the relevant SSP code which initiates the check and the signature check itself.

Upvotes: 1
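
As an added illustration (not part of the answer above and not code from the SimpleSAMLphp project): the SP's signature check runs against the IdP certificate registered in its remote-IdP metadata, and the `WantAssertionsSigned` SP option additionally requires the assertion itself to be signed. All entity IDs, URLs and the certificate file name below are placeholders.

```php
<?php
// Added example. Two SimpleSAMLphp files are shown together; every entity ID,
// URL and file name is a placeholder (assumption), not taken from the page.

// --- metadata/saml20-idp-remote.php ---
// The SP verifies signatures on incoming messages against the certificate
// registered here for the IdP.
$metadata['https://idp.example.org/'] = [                        // placeholder IdP entity ID
    'SingleSignOnService' => 'https://idp.example.org/samlsso',  // placeholder URL
    'SingleLogoutService' => 'https://idp.example.org/samlsso',  // placeholder URL
    // Signing certificate exported from the IdP, stored in SimpleSAMLphp's cert/ directory.
    'certificate' => 'idp-signing.crt',                          // placeholder file name
];

// --- config/authsources.php ---
$config = [
    'default-sp' => [
        'saml:SP',
        'entityID' => 'https://sp.example.org/',  // placeholder SP entity ID
        'idp' => 'https://idp.example.org/',      // must match the metadata key above
        // Reject responses whose assertion is not itself signed.
        'WantAssertionsSigned' => true,
    ],
];
```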
