Layer7 API Management

 How to verify SAML HTTP Redirect Binding Signature

Thijs Bazuin posted Feb 03, 2023 10:32 AM
Hi, 

I'm looking for a way to verify the signature parameter in an HTTP Redirect Binding SAML request. The request contains the parameters: SAMLRequest, SigAlg, Signature, RelayState. The Signature contains the signing of the complete request (including the query parameters). Is there a way to verify this signature?
I'm using the HTTP Redirect binding in the assertion: 'Process a SAML 2.0 authentication request'. When I choose this binding it automatically disables and greys out the checkbox 'Verify Signature'. The extraction of the SAML request is working fine with this assertion. I just can't verify the signature.
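
For reference, an added example (not part of the original post, and not Layer7 policy or product code) of what verifying this signature involves: in the SAML 2.0 HTTP-Redirect binding the signature covers the octets `SAMLRequest=…&RelayState=…&SigAlg=…`, in that order, with the values still URL-encoded exactly as received. The function names, the RSA-SHA256-only handling and the demo key and request are assumptions constructed for illustration.

```python
import base64, hashlib, hmac
from urllib.parse import quote, unquote

RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
# DER DigestInfo prefix for SHA-256 (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

def signed_octets(raw_query):
    """Return (octets covered by the signature, raw parameter values)."""
    params = {}
    for pair in raw_query.split("&"):
        name, _, value = pair.partition("=")
        if name in params:  # ambiguous input: refuse rather than guess
            raise ValueError("duplicate parameter " + name)
        params[name] = value
    # Fixed order, RelayState only if present, values exactly as received.
    order = [p for p in ("SAMLRequest", "RelayState", "SigAlg") if p in params]
    return "&".join(p + "=" + params[p] for p in order).encode("ascii"), params

def emsa_pkcs1_v15(message, k):
    """Expected PKCS#1 v1.5 encoded message for a k-byte modulus."""
    t = SHA256_PREFIX + hashlib.sha256(message).digest()
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t

def verify_redirect_signature(raw_query, n, e):
    """True only if Signature is a valid RSA-SHA256 signature under (n, e)."""
    try:
        octets, params = signed_octets(raw_query)
        if unquote(params["SigAlg"]) != RSA_SHA256 or "SAMLRequest" not in params:
            return False
        sig = base64.b64decode(unquote(params["Signature"]), validate=True)
    except (KeyError, ValueError):
        return False
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(sig, "big")
    if len(sig) != k or s >= n:
        return False
    return hmac.compare_digest(pow(s, e, n).to_bytes(k, "big"), emsa_pkcs1_v15(octets, k))

def constructed_request():
    """Constructed demo key (two Mersenne primes, not a secure key) and query."""
    p, q, e = 2**521 - 1, 2**607 - 1, 65537
    n, d = p * q, pow(e, -1, (p - 1) * (q - 1))
    body = ("SAMLRequest=" + quote("ZmFrZS1kZWZsYXRlZC1yZXF1ZXN0", safe="")
            + "&RelayState=" + quote("/app?x=1", safe="")
            + "&SigAlg=" + quote(RSA_SHA256, safe=""))
    em = emsa_pkcs1_v15(body.encode("ascii"), (n.bit_length() + 7) // 8)
    sig = pow(int.from_bytes(em, "big"), d, n).to_bytes(len(em), "big")
    return body + "&Signature=" + quote(base64.b64encode(sig), safe=""), n, e
```

The check must run on the raw query string: decoding and re-encoding a value (even changing `%2F` to `%2f`) changes the signed octets and verification fails.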