I2 xmldap relyingparty with openinfocard

From OSIS Open Source Identity Systems


Works. Naturally.

Three claims are required. The others are optional. No optional claims were selected by the user and none were sent.

This assertion was sent:

<!--
  Sample token: a self-issued SAML 1.1 assertion (MajorVersion/MinorVersion 1.1,
  Issuer ending in /issuer/self) addressed to the relying party named in Audience.
  These notes sit outside the Assertion element so the signed content stays
  exactly as listed.

  Points a relying party has to check before using the attributes:

  * Conditions: the assertion is valid only between NotBefore and NotOnOrAfter
    (a 15 minute window here, starting 5 minutes before IssueInstant) and only
    for the Audience https://xmldap.org/relyingparty/. A consumer with a
    different identifier should reject it.

  * SubjectConfirmation is "bearer": nothing in the token binds it to the party
    presenting it. The audience restriction, the short validity window and
    tracking of already-seen AssertionID values are what limit reuse of a
    captured token.

  * Signature: enveloped, exclusive canonicalization, rsa-sha1 over a sha1
    digest. The single Reference URI equals the AssertionID on the root element;
    a verifier should confirm that the element it reads claims from is the one
    the Reference resolved to. SHA-1 is no longer considered acceptable for new
    signatures; this sample is dated 2007.

  * KeyInfo carries a bare RSA public key and no certificate. The signature
    therefore shows only that the holder of that key produced the assertion;
    givenname, surname and emailaddress are self-asserted and unverified.
    Recognising a returning user typically relies on privatepersonalidentifier
    together with this key, not on the other attributes.
-->
<saml:Assertion 
 xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" 
 MajorVersion="1" MinorVersion="1" 
 AssertionID="uuid-5C000210-1882-4AF9-3018-644E844C3F12" 
 Issuer="http://schemas.xmlsoap.org/ws/2005/05/identity/issuer/self" IssueInstant="2007-10-23T08:24:01Z">
 <saml:Conditions NotBefore="2007-10-23T08:19:01Z" NotOnOrAfter="2007-10-23T08:34:01Z">
 <saml:AudienceRestrictionCondition>
  <saml:Audience>https://xmldap.org/relyingparty/</saml:Audience>
 </saml:AudienceRestrictionCondition>
 </saml:Conditions>
 <saml:AttributeStatement>
  <saml:Subject>
  <saml:SubjectConfirmation>
   <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod>
  </saml:SubjectConfirmation>
 </saml:Subject>
 <saml:Attribute AttributeName="givenname" AttributeNamespace="http://schemas.xmlsoap.org/ws/2005/05/identity/claims">
  <saml:AttributeValue>Axel</saml:AttributeValue></saml:Attribute>
  <saml:Attribute AttributeName="surname" AttributeNamespace="http://schemas.xmlsoap.org/ws/2005/05/identity/claims">
  <saml:AttributeValue>Nennker</saml:AttributeValue></saml:Attribute>
  <saml:Attribute AttributeName="emailaddress" AttributeNamespace="http://schemas.xmlsoap.org/ws/2005/05/identity/claims">
  <saml:AttributeValue>axel@nennker.de</saml:AttributeValue></saml:Attribute>
  <saml:Attribute AttributeName="privatepersonalidentifier" AttributeNamespace="http://schemas.xmlsoap.org/ws/2005/05/identity/claims">
  <saml:AttributeValue>ZHg2VUkyUEFTemkrVnFIUjJiREdxWEF1eWFQNnZNRVBPaExraWt2ZW1lWT0=</saml:AttributeValue>
  </saml:Attribute>
 </saml:AttributeStatement>
 <dsig:Signature 
  xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
  <dsig:SignedInfo><dsig:CanonicalizationMethod 
   Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
   <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
   <dsig:Reference URI="#uuid-5C000210-1882-4AF9-3018-644E844C3F12">
   <dsig:Transforms><dsig:Transform 
    Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
    <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
  </dsig:Transforms>
  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
  <dsig:DigestValue>u7/mPrtaw6uFpf8QgjQObDCedL8=</dsig:DigestValue>
 </dsig:Reference>
 </dsig:SignedInfo>
 <dsig:SignatureValue>WBv10bA4HZzoigNwAbXqjZylP5pag8ydHeqgZb9O+a4yFUPKmttiSn+rHeqFr6LgkzBNEWWOCtiVJ9F/NH1H1V5WE+yIzrlCqReM2De+YsPa17i9PAyh8YEIhlj4RRX7KVY6qQpfW4QSjjIUtZLtAPwvcAXmRh7BHzNloHnd5alex8jsJSYX8TcihWuengbENERFSx7gN+2uWaSyOUXn26Osy1DaqBzOCDI7qBcyuXTSwzW4zte/TO2ju2ugf2Y4cF8bobroBYva+wJ1w/BZYMv8wytPb3Ef/BEWsItP93irSwI2nOjRI1JTG/3Zra5q6jBfI47ypfwcC5kMxSen8w==</dsig:SignatureValue>
  <dsig:KeyInfo>
   <dsig:KeyValue>
    <dsig:RSAKeyValue>
     <dsig:Modulus>rS5LhtKz1OVRfRfoy6BNYZfR+NXKG2bLf4KUB5wcw2J3EH5ZoRp0d7BPqRNteZbnkUvXNv6DXst0fpnt+KfqDj9IgHJOA3CuyxdZntyWLz5fI7tcBdzgIKQCXQK3y0PqH2/XJj50yAV+YtmRsC435wFglw/oZmzodZTEH/AVoi6jf7OM8b2OYl3Is/z/q4E0FdrXg74OqAOWGvL3+ZwsJcD42yos4uz+L0RTcAbQ4kZ8Fqw+sfCshfexcqQiI7RKuA/wCzOflOzXl7Bg6gf61stPspJ/sk1HrxJmzTMIliBz2/ulfTP51e7FlZPIsxRl02QMYpezIzNQS2gDcg54Ww==</dsig:Modulus>
     <dsig:Exponent>AQAB</dsig:Exponent>
    </dsig:RSAKeyValue>
   </dsig:KeyValue>
  </dsig:KeyInfo>
 </dsig:Signature>
</saml:Assertion>

Tested by Axel Nennker with