-
Notifications
You must be signed in to change notification settings - Fork 475
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Embed SAML Verification Signature (the SP Signing Public Cert) to the the AuthnRequest #585
Comments
Do you have a sample of what you are looking for? Also, could you reference the SAML spec that mentions that this should be, or may be, provided in the AuthnRequest? |
Hello! I was looking to implement/make use of something like the AuthnRequest below with an HTTP-POST Binding and including the x.509 public certificate in the key info as part of the signature. In the core specification, []http://www.oasis-open.org/committees/download.php/35711/sstc-saml-core-errata-2.0-wd-06-diff.pdf , there are references to ds:KeyInfo like page 20 (line 824)
[](https://www.samltool.com/generic_sso_req.php
|
I must be missing something. I don't see either |
@rebornjoe, Did you get any resolution for this? I'm facing the same issue and not able to add "KeyInfo" in AuthnRequest. |
Same error for me too. Any further work has been done here? |
As mentioned above, we are eager to have the community help enhance this project through contributions. Please feel free to submit a PR to add these features and the maintainers will do their best to help get it landed. |
@cjbarth, PR raised for this issue fix. Can you please review. |
Hi @ganesha289 or @cjbarth , I'm wondering if there's any progress on this issue. Thanks, |
I'm working on a new release of |
I've tried to look for any references to do this but thought that it might not be possible with the library. Some Identity Providers require that the signing certificate be embedded in the AuthnRequest in order for the IdP to verify the request as well as match the subject DN and confirm if the certificate was signed by a CA. Is there any documentation on how to achieve this? Thank you
The text was updated successfully, but these errors were encountered: