Dear Santuario developers, I tried to sign the SAML request but I got the empty Reference URI. The sample.xml that client sent me has <ds:Reference URI="#_85a81f6ddcb407a62b980891e3507f13"> which matches the RequestID in SAMLRequest. However, when I try to sign the request, I get the empty Reference URI.
Could someone show me how can I make it happen to create an non-empty Reference URI? Attached please find the code SignRequest.java that I used to sign request.xml. sample.xml is the sample that client sent me and it has non-empty Reference URI. Thank you David
SignRequest.java
Description: Binary data
<samlp:Request RequestID="joipmpbkamifgpneggeflpfehgpklipkhnccnmnj" MajorVersion="1" MinorVersion="1" IssueInstant="2013-05-17T21:22:38.612Z" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"><samlp:AssertionArtifact>AAEZoP2Au7WB4MOlr2KqTAyPi2VGGWKveH7aRMQxboCr5ik4wh58PpvE</samlp:AssertionArtifact></samlp:Request>
<samlp:Request xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" IssueInstant="2013-05-17T21:22:38.612Z" MajorVersion="1" MinorVersion="1" RequestID="joipmpbkamifgpneggeflpfehgpklipkhnccnmnj"><samlp:AssertionArtifact>AAEZoP2Au7WB4MOlr2KqTAyPi2VGGWKveH7aRMQxboCr5ik4wh58PpvE</samlp:AssertionArtifact><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:CanonicalizationMethod> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1";></ds:SignatureMethod> <ds:Reference URI=""> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature";></ds:Transform> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";> <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"; PrefixList="code ds kind rw saml samlp typens #default xsd xsi"></ec:InclusiveNamespaces> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></ds:DigestMethod> <ds:DigestValue>O788JGHTpo4t9NvVeIpTSdzZ3Ew=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue> NTQRdswBKeomr0S6h5SHcune9Zgi6aXBiPmdF1l+2U2kuaJ/zKtt7cLp5btg01bfqcuvDa7XqSqW zd7FssDsZ4k9r3vJn8uAaGbGxAeQ9sRXvT1lWA8qdcqe8riGpMVW0gTAPnhpRXqv47X6cCKSyQeY IbDCv9kc5h+ZEAINa01RROcD3u63qxq53XoEWLjkD9jwH2LcwBQcj8UdOEOLOAChQOK2EIUj1cQP PmfTTOTxYi7Lx29ArLcnQ5oR9vRs1MD9PFhSTq29gmSdEo+zU8spmfBU8W8Nqc8wKVqdBiN790bT pAsVlGyqdBek0/30rB4ICX9buqkc8zGclucx6A== </ds:SignatureValue> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate> MIIDezCCAmOgAwIBAgIEdp1HkDANBgkqhkiG9w0BAQsFADBuMQswCQYDVQQGEwJVUzETMBEGA1UE CBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVubG8gUGFyazERMA8GA1UEChMIT1BFTkxBTkUxDjAM BgNVBAsTBWRlbW8yMRIwEAYDVQQDEwlzc29zZXJ2ZXIwHhcNMTMwNDEzMDU1MzQyWhcNMTQwNDEz MDU1MzQyWjBuMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTETMBEGA1UEBxMKTWVu bG8gUGFyazERMA8GA1UEChMIT1BFTkxBTkUxDjAMBgNVBAsTBWRlbW8yMRIwEAYDVQQDEwlzc29z ZXJ2ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCYu3SFB4orUGPkq+lMq1ev3LLc 0B9VEoBRwtmdbbFgrdGhIyM6dQzz93a318BVaKzn9ZoMJtpLGEMvfumeowaDoOdjcBlG/M1S9mQj S+4kn/NbXU5Zc6EnCy40MGPunw/LYdcFVdHokafVW7ewxB15lgZ/1a0KQhLGAvNL5Bv4okKe7veR Qyr8GaVhMCmSld0yJrAbErtUlXN9/KacFw6cDFNN2szrYmleNuy3YPOk0AMcg0OplJ2ImZ1KV1Yj lkpCDaP/2X06zNQt5vV+3qXc+pS+3dqFCJYlkcbwbyTHyBeDCVQBX9qK1EK3PI6ZDWBBsP3bz6s5 XGkbx36HuGndAgMBAAGjITAfMB0GA1UdDgQWBBR4RG2K+nC9GK5Vno2kGGT0sCouozANBgkqhkiG 9w0BAQsFAAOCAQEAiFT5f4jF68P67eczDGuJlw+mJ1zVi+yw/btsgekliIW8dFcIjEejPLGlCwzV f23ZUsWq7IihlmSg+cQbK0NchNqv1r9RaHiRF2HuE85pg2ZXsNzumjs7En9AS8nh8OhD0m8qLThi MBTIQ4gHZ0GL9CgwsWpvMSCBcSI51S6bJmaltdTJEWtmgHE7m72U8x/Hw7DG1Dbd4BlA9p3fi1Ws eHlumntesBOvt1OQ6sQkVl16PrgvKdOIAHabM2UYx4l70bZ8kcHSBpORufZuo5HvVdkjlvtiWxZ7 xNC+Cno7DqGVutxmiR6ZiHoPTzqgmCe2FVyObNuVqSCcUK+T5GX05Q== </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature></samlp:Request>
<Request xmlns="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; IssueInstant="2013-05-17T14:30:18.826Z" MajorVersion="1" MinorVersion="1" RequestID="_85a81f6ddcb407a62b980891e3507f13"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:CanonicalizationMethod> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1";></ds:SignatureMethod> <ds:Reference URI="#_85a81f6ddcb407a62b980891e3507f13"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature";></ds:Transform> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"; PrefixList="code ds kind rw saml samlp typens #default xsd xsi"></ec:InclusiveNamespaces></ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></ds:DigestMethod> <ds:DigestValue>aMWmNOqzmPzQU2Lggs7ycB5h2JA=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>kaDghg8eVOOGUZEOYNun+gZdXkxO6d/A34s0E44y9S8B2CDWAsqhtQ==</ds:SignatureValue> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate> MIIDBDCCAsICBEX1qfMwCwYHKoZIzjgEAwUAMGgxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJJTjEV MBMGA1UEBxMMSU5ESUFOQVBPTElTMRIwEAYDVQQKEwlBREVTQUVCSVoxETAPBgNVBAsTCEFERVNB IElUMQ4wDAYDVQQDEwVBREVTQTAeFw0wNzAzMTIxOTI4NTFaFw0wNzA2MTAxOTI4NTFaMGgxCzAJ BgNVBAYTAlVTMQswCQYDVQQIEwJJTjEVMBMGA1UEBxMMSU5ESUFOQVBPTElTMRIwEAYDVQQKEwlB REVTQUVCSVoxETAPBgNVBAsTCEFERVNBIElUMQ4wDAYDVQQDEwVBREVTQTCCAbcwggEsBgcqhkjO OAQBMIIBHwKBgQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9jVj6v8X1 ujD2y5tVbNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb+DtX58aophUPBPuD9tPFHsMC NVQTWhaRMvZ1864rYdcq7/IiAxmd0UgBxwIVAJdgUI8VIwvMspK5gqLrhAvwWBz1AoGBAPfhoIXW mz3ey7yrXDa4V7l5lK+7+jrqgvlXTAs9B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozI puE8FnqLVHyNKOCjrh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtV JWQBTDv+z0kqA4GEAAKBgD8FAGDeOl7UBRXpkqAAznHABTpvKWWYXFq5Ij9N6yDl+Wc599sP5WDn 3p7kpUwMm3QNWoe5YL2QUBT43u8uZMcC/yhjji/w9nK1tR7n02/pofbKvzOdhnn33lSyC/dcbvKE ug/7qgPryJalEMi81cu25xHQngj0g0t/6e5pbwHiMAsGByqGSM44BAMFAAMvADAsAhRMlSNxBA/9 OFCrK8XHDz4P7up9pwIUbwCwVz1JQXE1uhpe1WAWOgGr3ww= </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo></ds:Signature><AssertionArtifact>AAEZoP2Au7WB4MOlr2KqTAyPi2VGGUbDnN2VJmW8mElc9Dc0lczpBzCJ</AssertionArtifact></Request>
