KeyInfo>中缺少ADFS SAML前缀ds
本文关键字:SAML 前缀 ds ADFS KeyInfo | 更新日期: 2023-09-27 18:08:53
我想将令牌证书与通过ADFS来的SAML对象集成。由于KeyInfo格式,我可以解析[使用c#]除认证值外的每个项目。我认为"KeyInfo"缺少"ds"前缀。我不知道我在哪里做错了。
<samlp:Response ID='"_00ca83c9-aad0-4210-9174-87ec874c5103'" Version='"2.0'" xmlns:samlp='"urn:oasis:names:tc:SAML:2.0:protocol'">
<Issuer xmlns='"urn:oasis:names:tc:SAML:2.0:assertion'">*******</Issuer><samlp:Status><samlp:StatusCode Value='"urn:oasis:names:tc:SAML:2.0:status:Success'" /></samlp:Status>
<Assertion ID='"_bac09d77-c98e-48f6-bf62-8bbbbd1756d9'" IssueInstant='"2015-08-19T23:07:32.659Z'" Version='"2.0'" xmlns='"urn:oasis:names:tc:SAML:2.0:assertion'"><Issuer>http://ADFS.*******.com.au/adfs/services/tru</Issuer>
<ds:Signature xmlns:ds='"http://www.w3.org/2000/09/xmldsig#'">
<ds:SignedInfo></ds:SignedInfo>
<ds:SignatureValue>some value</ds:SignatureValue>
<KeyInfo xmlns='"http://www.w3.org/2000/09/xmldsig#'"><ds:X509Data><ds:X509Certificate>some value</ds:X509Certificate></ds:X509Data></KeyInfo>
</ds:Signature>
<Attribute Name='"LastName'"><AttributeValue>FFFF</AttributeValue></Attribute>
<Attribute Name='"Username'"><AttributeValue>fdfdgf</AttributeValue></Attribute>
<Attribute Name='"VAL6'"><AttributeValue>AAAAA</AttributeValue></Attribute>
<AuthnStatement AuthnInstant='"2015-08-19T23:07:32.549Z'"><AuthnContext>
<AuthnContextClassRef>urn:federation:authentication:windows</AuthnContextClassRef></AuthnContext></AuthnStatement>
</Assertion>
</samlp:Response>
试试这个
<?xml version="1.0" encoding="utf-8" ?>
<samlp:Response ID="_00ca83c9-aad0-4210-9174-87ec874c5103" Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">*******</Issuer>
<samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
</samlp:Status>
<Assertion ID="_bac09d77-c98e-48f6-bf62-8bbbbd1756d9" IssueInstant="2015-08-19T23:07:32.659Z" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
<Issuer>http://ADFS.*******.com.au/adfs/services/tru</Issuer>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
<ds:Reference URI="http://www.w3.org/TR/2000/REC-xhtml1-20000126/">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>j6lwx3rvEPO0vKtMup4NbeVu8nk=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue></ds:SignatureValue>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>MIICXTCCA..</ds:X509Certificate>
</ds:X509Data>
</KeyInfo>
</ds:Signature>
<Attribute Name="LastName">
<AttributeValue>FFFF</AttributeValue>
</Attribute>
<Attribute Name="Username">
<AttributeValue>fdfdgf</AttributeValue>
</Attribute>
<Attribute Name="VAL6">
<AttributeValue>AAAAA</AttributeValue>
</Attribute>
<AuthnStatement AuthnInstant="2015-08-19T23:07:32.549Z">
<AuthnContext>
<AuthnContextClassRef>urn:federation:authentication:windows</AuthnContextClassRef>
</AuthnContext>
</AuthnStatement>
</Assertion>
</samlp:Response>