Do you mean that the SAML Assertion needs to be signed, or that the
signature over the message needs to be included in the SAML Assertion?
Generally, you won't be using WSS4J to sign a SAML Assertion (though
you could); instead, you'll typically get a signed Assertion from a
SAML authority, which is already signed.
Note also that you can't add an element to a previously signed
assertion without breaking a signature already over the assertion.
Can you say more about where you are obtaining your SAML Assertions
from?
Also, do you have any additional constraints that need to be applied
to the Assertion, as would apply to any of the SubjectConformation
methods in the SAML Assertion?
On Sep 16, 2007, at 9:27 AM, dstrower wrote:
I am trying to sign a message with a SAML token. I am able to do
this but the
format looks like this:
Security
signature
saml
My server requires that the signature be inside the SAML assertion.
Can I control where the signature is placed?
--
View this message in context: http://www.nabble.com/Can-the-
location-of-the-signature-be-controlled--tf4451302.html#a12699525
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
