Subject: Missing signature nodes?
Date: 2013-07-03 16:56:53
From: Greg Griffin
Source: missing-signature-nodes
----------------------------------------------------------------------

The consumer of my SAML assertion is telling me that "the '//saml:Assertion//ds:Signature' or '//saml:Assertion//Signature' XML node is used to validate the certificate and this is missing".

My code is as follows - what am I missing?

[code lang='c#']

          // Builds a SAML 2.0 response holding a signed assertion plus an encrypted copy of it,
            // signs the response, and posts it to the consumer service URL.

            // Load the certificate (with its private key) from a PFX file.
            // NOTE(review): the PFX path and its password are literals in source; anyone who can read
            // the code or the compiled assembly gets the password that protects the signing key.
            // Load both from protected configuration or a secret store instead.
            // NOTE(review): X509KeyStorageFlags.Exportable leaves the private key exportable after
            // import; signing does not need that, so drop the flag unless something else relies on it.
            // NOTE(review): the parameterless constructor + Import pattern is marked obsolete in newer
            // .NET versions; the X509Certificate2(fileName, password, flags) constructor replaces it.
            X509Certificate2 theCert = new X509Certificate2();
            theCert.Import("c:\\cert.pfx", "password", X509KeyStorageFlags.Exportable);
 
            // Both values are the same URL here. ConsumerServiceUrl is used as the Destination,
            // the subject-confirmation Recipient and the POST target; targetURL is only passed as
            // the last argument of SendPostBindingForm (presumably the relay state - confirm).
            String targetURL = "https://www.theirsite.com";
            String ConsumerServiceUrl = "https://www.theirsite.com";
 
            // Create a SAML response object.
            ComponentPro.Saml2.Response samlResponse = new ComponentPro.Saml2.Response();
 
            // Assign the consumer service url, the issuer and a Success status.
            samlResponse.Destination = ConsumerServiceUrl;
            Issuer issuer = new Issuer("www.mysite.com");
            samlResponse.Issuer = issuer;
            samlResponse.Status = new Status(SamlPrimaryStatusCode.Success, null);
 
            // The assertion carries the same issuer as the enclosing response.
            Assertion samlAssertion = new Assertion();
            samlAssertion.Issuer = issuer;
 
            // Subject: NameID "johnsmith" with bearer confirmation bound to the consumer URL.
            // NOTE(review): only Recipient is set on the confirmation data. No NotOnOrAfter or
            // InResponseTo is set, and no Conditions / AudienceRestriction is added anywhere in this
            // snippet. Unless the library fills these in by default (confirm), the bearer assertion
            // carries no expiry and no audience binding, so a captured copy could be replayed.
            Subject subject = new Subject(new NameId("johnsmith"));
            SubjectConfirmation subjectConfirmation = new SubjectConfirmation(SamlSubjectConfirmationMethod.Bearer);
            SubjectConfirmationData subjectConfirmationData = new SubjectConfirmationData();
            subjectConfirmationData.Recipient = ConsumerServiceUrl;
            subjectConfirmation.SubjectConfirmationData = subjectConfirmationData;
            subject.SubjectConfirmations.Add(subjectConfirmation);
            samlAssertion.Subject = subject;
 
            // Authentication statement declaring the Password authentication context class.
            // NOTE(review): no authentication instant is set here - confirm the library supplies one.
            AuthnStatement authnStatement = new AuthnStatement();
            authnStatement.AuthnContext = new AuthnContext();
            authnStatement.AuthnContext.AuthnContextClassRef = new AuthnContextClassRef(SamlAuthenticateContext.Password);
            samlAssertion.Statements.Add(authnStatement);
 
            // Sign the assertion. This is done after the subject and statements are in place, so
            // the signature is computed over the populated assertion.
            // NOTE(review): this call is presumably what emits the ds:Signature element inside
            // saml:Assertion that the consumer reports as missing; inspect the serialized response
            // XML to check whether that element is actually present on the wire.
            samlAssertion.Sign(theCert);
 
            // Add the signed, cleartext assertion to the SAML response object.
            samlResponse.Assertions.Add(samlAssertion);
 
            // Create an encrypted SAML assertion from the SAML assertion we have created.
            // NOTE(review): theCert is the same certificate used for signing, i.e. the sender's own.
            // Assertion encryption normally targets the relying party's public certificate so that
            // only the consumer can decrypt it - confirm what the second argument is meant to be.
            // NOTE(review): TripleDesCbc is a legacy algorithm; prefer an AES-based encryption method
            // if the library and the consumer support one.
            EncryptedAssertion encryptedSamlAssertion = new EncryptedAssertion(
                samlAssertion,
                theCert,
                new System.Security.Cryptography.Xml.EncryptionMethod(SamlKeyAlgorithm.TripleDesCbc)
 
                );
 
            // Add encrypted assertion to the SAML response object.
            // NOTE(review): the response now carries the same assertion twice, once in cleartext
            // (added above) and once encrypted. The cleartext copy defeats the confidentiality the
            // encryption is meant to give; send one form only, as agreed with the consumer. The
            // signature of the encrypted copy is inside the ciphertext, so an XPath such as
            // //saml:Assertion//ds:Signature cannot match it until the consumer has decrypted it.
            samlResponse.Assertions.Add(encryptedSamlAssertion);
 
            // Sign the SAML response with the certificate. This must stay after the last change to
            // the response content, otherwise later changes would not be covered by the signature.
            samlResponse.Sign(theCert);
 
            // Send the SAML response to the service provider via the HTTP POST binding.
            // "Response" here is the ambient HTTP response (presumably the ASP.NET page's), not the
            // ComponentPro.Saml2.Response type, which is why that type is fully qualified above.
            samlResponse.SendPostBindingForm(Response.OutputStream, ConsumerServiceUrl, targetURL);

[/code]
