Hi,
I'me looking for a way to verify the signature parameter in a HTTP Redirect Binding SAML request. The request contains the parameters: SAMLRequest, SigAlg, Signature, Relaystate. The Signature contains the signing of the complete request (including de parameters). Is there a way to verify this signature?
I'me using the HTTP Redirect binding in the assertion: 'Process a SAML 2.0 authentication request'. When I choose this binding 'HTTP Redirect' it automaticly disables and grey-out the checkbox 'Verify Siginature'. The extraction of the SAML request is working fine with this assertion. I just can't verify the signature.
