The SAML XML.org web site is not longer accepting new posts. Information on this page is preserved for legacy purposes only. For current information on SAML, please see the OASIS Security Services Technical Committee Wiki.

Revision of LogoutRequest from Thu, 2013-05-09 09:09

Forum topic: Submitted by filipe.queiros on Thu, 2013-05-09 09:07. Last updated on Thu, 2013-05-09 09:09.

I connect with a saml message to a portal. When i try make logout with other saml message, the portal send me one error in your saml response.

 

error:

<Status> <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Requester"> <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:RequestDenied" /> </StatusCode> <StatusMessage>urn:oasis:names:tc:SAML:2.0:status:RequestDenied (urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue)</StatusMessage> </Status>

 

My message xml:

 

 

<samlp:LogoutRequest xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Consent="urn:oasis:names:tc:SAML:2.0:logout:user" Destination="www.portal..." ID="_09aee7ce288a1098759c97f309416fd631b396c5" IssueInstant="2013-04-30T16:23:45" Version="2.0" > <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">issuer</saml:Issuer> <Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> <SignedInfo> <CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315" /> <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> <Reference URI="#_09aee7ce288a1098759c97f309416fd631b396c5"> <Transforms> <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /> <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"> <InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="#default samlp saml ds xs xsi" /> </Transform> </Transforms> <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <DigestValue>I8Q8151FOHeyi1hB+Gfs0YrfCaA=</DigestValue> </Reference> </SignedInfo> <SignatureValue>......</SignatureValue> <KeyInfo> <X509Data> <X509Certificate>......</X509Certificate> </X509Data> </KeyInfo> </Signature> <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" >urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified </saml:NameID> </samlp:LogoutRequest>   
‹ Logout Request if necessary signed? SAML implementation in Delphi ›
  • Login to post comments
  • 17332 reads

XML.org Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | XML.org | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I

Hosted by:

OASIS