Hi,
I'me looking for a way to verify the signature parameter in a HTTP Redirect Binding SAML request. The request contains the parameters: SAMLRequest, SigAlg, Signature, Relaystate. The Signature contains the signing of the complete request (including the query paramaters). Is there a way to verify this signature?
I'me using the HTTP Redirect binding in the assertion: 'Process a SAML 2.0 authentication request'. When I choose this binding it automaticly disables and grey-out the checkbox 'Verify Siginature'. The extraction of the SAML request is working fine with this assertion. I just can't verify the signature.