Validating SAML responses

08 Feb

It is also useful for testing whether a 3rd party application has successfully integrated the SAML assertion process into their authentication system. Start by navigating to Apps > Add Apps in the OneLogin administrator dashboard.

So currently validation fails only when the response is encrypted. In that case the response is decrypted correctly in php-saml but fails on signature/digest validation.

We recommend using the basic connector to test general functionality, but all eight are explained below for your understanding. SAML Test Connector: This is the basic connector that contains the general URL fields that will be used to pass the connector information between OneLogin and the application in question.

Therefore, ds:KeyInfo MAY be absent." You can verify the signature if the public key has been provided to you through other means, e.g.

Our initial problem is solved, but it has left me wondering why. ~tommy

SAML responses do not require including the public key for that signature.

Section 5.4.5 of the SAML2 spec states "XML Signature defines usage of the ds:KeyInfo element.

Below is the code I have used that I believe should be able to do this validation as well as the signature I am trying to validate.

When I run the code, I get the following output. Note: I am loading the XSD from a URL in this example so I don't have to include 4 XSD files in my question.