Hi, I'm having an issue trying to verify a signed SAML Response. Our implementation is using ColdFusion 9 & JRun 4 (which I don't believe are effecting the outcome). We are able to load the necessary Jars and create and sign the response. Upon signing, we validate the signing, which returns True. Once the Xml Document is changed to string data, encoded in Base 64, decoded and parsed back into a Xml document, we are unable to validate the signature. I have even gone as far as getting the Signature Values on both versions of the SAML Response. In both cases, the Signature Value is exactly the same. We have also outputted the Xml to a document, both before and after encoding, and found that the documents match 100%. Yet, no matter what I change or what example I read, I cannot validate the encoded/decoded SAML Response.
Any help in things I should be looking for and/or trying would be greatly appreciated. Thanks in advance, Brandon -- Brandon Moser [email protected] brandonmoser.com
