This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

Validate SAML >>1.0<< assertion?

Posted on 01-08-2021 02:20 AM
guycrets
Silver 1
Silver 1
Reply posted on --/--/---- --:-- AM

Hi all,

We need to validate SAML 1.0 assertion as part of WS-Sec request. Apigee's ValidateSAMLAssertion policy only supports SAML 2.0. Any suggestions how we could tackle this? Maybe someone who can share a great piece of Java(script) code or other?

Looking forward to your feedback, Guy Crets

0 5 334
Topic Labels
0 Likes
5 REPLIES 5

Posted on --/--/---- --:-- AM
dchiesa1
Staff
Reply posted on --/--/---- --:-- AM

If I were doing his I would do it in Java. Validating an assertion means, I suppose, obtaining an X.509 certificate, extracting a public key from that, and then verifying a signature on the assertion. a bunch of crypto. It's better doing that in Java.

This callout does not do what you want, but it might be a good starting point.

https://github.com/DinoChiesa/Apigee-Java-WsSec-Signature-2

0 Likes

Posted on --/--/---- --:-- AM
dchiesa1
Staff
Reply posted on --/--/---- --:-- AM

Guycrets, Did you solve this problem?

0 Likes

Posted on --/--/---- --:-- AM
Sibythomas1984
Bronze 1
Bronze 1
In response to dchiesa1
Reply posted on --/--/---- --:-- AM

Did we have an existing call out for saml 1:0 assertion 

Posted on --/--/---- --:-- AM
dchiesa1
Staff
In response to Sibythomas1984
Reply posted on --/--/---- --:-- AM

There is none that I know of!  But, it would probably not be too difficult to build. 

Posted on --/--/---- --:-- AM
Sibythomas1984
Bronze 1
Bronze 1
In response to dchiesa1
Reply posted on --/--/---- --:-- AM

Thanks , will explore that route then 

Top Solution Authors
View all