[Last Call] Learn how to a build a cloud-first strategyRegister Now


SAML 2 and validation (Shibboleth)

Posted on 2014-08-28
Medium Priority
Last Modified: 2014-08-29
Assuming the use case where the client gets a token from a SAML authority (IdP) and send the token to a web service:

On a previous thread an expert posted the following concerning how a web service validates  incoming tokens:

it comes back signed using the public key of the the identity organization and you check that the signature is valid (chain of trust, not expired)

Open in new window

I assume that the web service does not go to the IDP, but will write its own code in order to validate the message

Do products like Shibboleth provide any tools in which to assist in the validation of the  token?

Question by:Anthony Lucia
  • 2
LVL 57

Accepted Solution

McKnife earned 2000 total points
ID: 40290726
Sorry to start with an offtopic comment, but it should be obvious that your questions are flooding the forum - this is not a bad thing, but it seems a more specified forum for curl/SAML/Shibboleth should be considered to be used...
LVL 57

Expert Comment

ID: 40293016
You didn't need to accept my comment ;-)

Featured Post

Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you are like me and like multiple layers of protection, read on!
Considering today’s continual security threats, which affect Information technology networks and systems worldwide, it is very important to practice basic security awareness. A normal system user can secure himself or herself by following these simp…
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…
Suggested Courses
Course of the Month17 days, 23 hours left to enroll

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question