Cito
Reputation: 1709
How the logoutRequests in SAML are signed?
I'm trying to integrate one Identity Provider in one application we have in PHP. The middleware I'm using in PHP is SamlTool from OneLogin1.
However, when I try to sign the logout Request, that is not working.
I notice that If I try to sign the request and then I check signature they create in their site, is different.
So the question is how is the signature for Saml Logout Request signed.
Upvotes: 0
Views: 249
Answers (1)
Nick Prusov
Reputation: 144
- First you need to generate your own cert/public key for instance using site https://www.samltool.com/self_signed_certs.php
- If you are not using any libray you need to sign the request by yourself example code below in Java
- To check SAML request/parameters you can use SAML tracer addon on firefox https://addons.mozilla.org/en-US/firefox/addon/saml-tracer/
- To validate request signature you can use online tool https://www.samltool.com/validate_logout_req.php
Example how to sign the request can be checked here: https://github.com/jrowny/java-saml
Upvotes: 1
Related Questions
- In SAML, what are the actions that need to be performed in the client and service provider to logout?
- SAML 2.0 Authentication Using PHP
- Receiving SAML Logout response at /Saml2/Acs point
- How apache know that SAML response is authenticated
- Construct a signed SAML2 LogOut request
- Verify signed LogoutRequest in a SP
- SAML / is RelayState required for signed logout request?
- Where does the ds:Signature element go in a SAML LogoutRequest?
- SAML 2.0 LogoutRequest
- Session termination in single logout using SAML