Hi Nadeesha The duplicate entry meant by you is under the saml assertion. Saml response object contains a saml assertion. And when you sign both response and assertion this entry includes into both objects. For more details you can refer to saml spec. [1]
[1] http://saml.xml.org/saml-specifications Thanks & Regards Danushka Fernando Senior Software Engineer WSO2 inc. http://wso2.com/ Mobile : +94716332729 On Oct 1, 2015 7:10 PM, "Nadeesha Meegoda" <[email protected]> wrote: > Hi IS team, > > I am testing SAML SSO with travelocity app and when I signed in to the app > I noticed in the SAML authentication response getting duplicate entries for > saml2:Issuer, ds:Signature, ds:X509Certificate etc with the same response > data. Is there a special reason these are duplicated? Just need to clarify! > > Noted below is the section that is duplicated in the response: > > <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" > xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" > >mgt.is.wso2.com</saml2:Issuer> > <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> > <ds:SignedInfo> > <ds:CanonicalizationMethod Algorithm=" > http://www.w3.org/2001/10/xml-exc-c14n#"; /> > <ds:SignatureMethod Algorithm=" > http://www.w3.org/2000/09/xmldsig#rsa-sha1"; /> > <ds:Reference URI="#bnlofhdfbehmnhiajimjohbkhepimciajocfmdkl"> > <ds:Transforms> > <ds:Transform Algorithm=" > http://www.w3.org/2000/09/xmldsig#enveloped-signature"; /> > <ds:Transform Algorithm=" > http://www.w3.org/2001/10/xml-exc-c14n#"; /> > </ds:Transforms> > <ds:DigestMethod Algorithm=" > http://www.w3.org/2000/09/xmldsig#sha1"; /> > > <ds:DigestValue>fiOel63mdz3HsEz2JrSbUgBvYDw=</ds:DigestValue> > </ds:Reference> > </ds:SignedInfo> > > <ds:SignatureValue>VgbMj1PIjJ0JFdyJ9AKaLkBnj7OD/prQahVU5WgdK9PAMvMedKt42pna+A5YznK0zLrzPKHAP/5VD6qHVPtF5LsYqJNEC4OTR1Mo2nzv34nOQxZZ95uxKBoxD/eVzgrqNBIzAecgSXvvYBj1ZlmjbJQoOuVxgdFOhOkz8S3bO+Q=</ds:SignatureValue> > <ds:KeyInfo> > <ds:X509Data> > > <ds:X509Certificate>MIICAzCCAWygAwIBAgIEb38jDjANBgkqhkiG9w0BAQQFADBGMRAwDgYDVQQDEwd5bWMuY29tMQ0wCwYDVQQLEwROb25lMRQwEgYDVQQKEwtOb25lIEw9Tm9uZTENMAsGA1UEBhMETm9uZTAeFw0xNTA4MjkwNjIxNDJaFw0yNTA5MjUwNjIxNDJaMEYxEDAOBgNVBAMTB3ltYy5jb20xDTALBgNVBAsTBE5vbmUxFDASBgNVBAoTC05vbmUgTD1Ob25lMQ0wCwYDVQQGEwROb25lMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCPWrZjdgaHwd8FDZaOm57wz2fxSW4umTuyw8E8PnNwCkZqIGpxkJGqfEOzXhP38A84a7fwXUfCZuwetgvkU4vfqhHieqI5OiA02pZpBzWkYjpg8By6YeJyK4Vy4hB6yq1gTCaerqffeAfXWI0ILog9iwJtbAgfJUDqU9j5XEnMxQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAE8GmwMaydEFMb8hzvXjkX2pdjZto4S5AqaERjigR5OCsvcnuqNPspuAMyy7AC6xRCkKOfhFEfFcAHhExpqCfqFcuEhfqc3tL89eDyf1sxfnaoCPSWjgo/TirWSaaxcT2JAcWfGh74S77CHC/m9rZ9ozaTJRhzNw5RYEbWNKJEqc</ds:X509Certificate> > </ds:X509Data> > </ds:KeyInfo> > </ds:Signature> > > Full Response is attached with the mail. > > Highly appreciate an explanation on this! > > > Thanks > > -- > *Nadeesha Meegoda* > Software Engineer - QA > WSO2 Inc.; http://wso2.com > lean.enterprise.middleware > email : [email protected] > mobile: +94783639540 > <%2B94%2077%202273555> > > _______________________________________________ > Dev mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/dev > >
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
