The SAML web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Node Order in SAML1.1 Response

My question is very simple:  does SAML require the Signature node to precede the Assertion node?  If so, can you possibly point me to this requirement?

I don't know what message you're referring to, but the schemas provide all of this information, as does the specification.

Check the protocols schema, near the bottom. Look for ResponseAbstractType and ResponseType. You can find the schema at: Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I