You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-c-dev@ws.apache.org by Supun Kamburugamuva <su...@gmail.com> on 2008/04/16 07:22:10 UTC

SAML signature validation

Hi All,

A SAML token carries a signature. This signature can be used to verify the
SAML authority. Usually SAML token authorities are STSs. In order to use
SAML tokens as an authentication tokens this signature should be verified by
Rampart/C. To achieve this, service writer should have a way to specify the
certificate of the STS.

With the current implementation we can achieve this by introducing a new
configuration parameter. i.e. STSCertificate.

But with the PKCS12 implementation the configuration will be different. I
think we need a unified way of specifying this in both normal configuration
and with PKCS12. Any thoughts please..

Regards,
Supun..