$cmd looks wrong. Can you look it over? Compare it to the original:
$cmd = 'C:\libs\xmlsec-win32\xmlsec sign --privkey-pem ' .
$privKey .
' --pubkey-der ' . $pubKey . ' --output ' .
$tempFileName .
'.out ' . $tempFileName;
-alex
On Nov 29, 4:03 am, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
wrote:
> hi
>
> i've executed below commands in openssl
>
> 1.openssl dsaparam -out dsaparam.pem 1024
> 2.openssl gendsa -out dsaprivkey.pem dsaparam.pem
> 3.openssl dsa -in dsaprivkey.pem -outform DER -pubout -out
> dsapubkey.der
> 4.openssl pkcs8 -topk8 -inform PEM -outform DER -in dsaprivkey.pem -
> out dsaprivkey.der -nocrypt
> 5.openssl req -new -x509 -key dsaprivkey.pem -out dsacert.pem
>
> And in process_response.php
>
> $pubKey = 'keys/dsapubkey.der';
> $privKey = 'keys/dsaprivkey.pem';
> $keyType = 'dsa';
>
> And the
>
> $cmd =C:\libs\xmlsec-win32\xmlsec sign --privkey-cert keys/
> dsaprivkey.pem --pubkey-cert keys/dsapubkey.key --output saml-response-
> ecgbacfkpgaojkmebbhnphhpfpiknfbgimobpage.xml.out
>
> tell me is there any thing wrong
>
> On Nov 29, 4:49 pm, "Alex (Google)" <[EMAIL PROTECTED]> wrote:
>
> > The KeyValue is empty.
>
> > What was the exact sequence of openssl commands you executed?
>
> > What did you change $privKey, $pubKey and $cmd to in
> > process_response.php?
>
> > -alex
>
> > On Nov 29, 2:51 am, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
> > wrote:
>
> > > Thank YOU for yor reply here i'm pasting saml response could pls check
> > > this
>
> > > "
> > > <saml:Response ID="cimcldciieeamcbohoeonnodmbjjjageckoomhel"
> > > IssueInstant="2007-11-29T05:55:46Z" Version="2.0"
> > > Destination="https://www.google.com/a/unifyingchurch.net/acs";
> > > InResponseTo="nknijgmdifpfbohdabohmfegclfkhjaijpakoege"
> > > xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
> > > xmlns:saml="urn:oasis:names:tc:SAML:2.0:protocol"
> > > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";>
> > > <Signature xmlns="http://www.w3.org/2000/09/xmldsig#";>
> > > <SignedInfo>
> > > <CanonicalizationMethod Algorithm="http://www.w3.org/TR/
> > > 2001/REC-xml-c14n-20010315#WithComments" />
> > > <SignatureMethod Algorithm="http://www.w3.org/2000/09/
> > > xmldsig#dsa-sha1" />
> > > <Reference URI="">
> > > <Transforms>
> > > <Transform Algorithm="http://www.w3.org/2000/09/
> > > xmldsig#enveloped-signature" />
> > > </Transforms>
> > > <DigestMethod Algorithm="http://www.w3.org/2000/09/
> > > xmldsig#sha1" />
> > > <DigestValue></DigestValue>
> > > </Reference>
> > > </SignedInfo>
> > > <SignatureValue>SkoEIQ749Iq1YGm6P1YHu+6yns1wb7EMJwyB83xmk2RkIw
> > > +//zYxjA==</SignatureValue>
> > > <KeyInfo>
> > > <KeyValue></KeyValue>
> > > </KeyInfo>
> > > </Signature>
> > > <saml:Status>
> > > <saml:StatusCode
> > > Value="urn:oasis:names:tc:SAML:2.0:status:Success"/
>
> > > </saml:Status>
> > > <Assertion ID="ffahdnefcokaiadnebihkkmbhkhhcilmifclphnj"
> > > IssueInstant="2007-11-29T05:55:46Z" Version="2.0"
> > > xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
> > > <Issuer>unifyingchurch.net</Issuer>
> > > <Subject>
> > > <NameID
> > > Format='urn:oasis:names:tc:SAML:2.0:nameid-
> > > format:emailAddress'>
> > > martini
> > > </NameID>
> > > <SubjectConfirmation
> > > Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/
>
> > > </Subject>
> > > <Conditions NotBefore="2007-11-29T05:50:46Z"
> > > NotOnOrAfter="2007-11-29T06:05:46Z">
> > > </Conditions>
> > > <AuthnStatement AuthnInstant="2007-11-29T05:55:46Z">
> > > <AuthnContext>
> > > <AuthnContextClassRef>
> > >
> > > urn:oasis:names:tc:SAML:2.0:ac:classes:Password
> > > </AuthnContextClassRef>
> > > </AuthnContext>
> > > </AuthnStatement>
> > > </Assertion>
> > > </saml:Response>
>
> > > "
>
> > > I've generated the certificate by following the insrtructions in the
> > > below url
>
> > >http://code.google.com/support/bin/answer.py?answer=71864&topic=12142...
>
> > > pls tell me is there any thing wrong.
>
> > > On Nov 29, 1:59 pm, "Alex (Google)" <[EMAIL PROTECTED]> wrote:
>
> > > > Hi Satya,
>
> > > > Can you post or upload the SAMLResponse? That error message usually
> > > > indicates some problem with the SAMLResponse.
>
> > > > -alex
>
> > > > On Nov 27, 4:06 am, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]>
> > > > wrote:
>
> > > > > Hi,
>
> > > > > Please help me on this.
> > > > > I integrated saml v2.0. In that I've created my own dsapublickey and
> > > > > dsaprivate key. With both of these i've created dsa certificate and
> > > > > i've uploaded it into the google apps.
> > > > > After executing the sample demo code i got error like below :
>
> > > > > "This account cannot be accessed because we could not parse the login
> > > > > request.
> > > > > We are unable to process your request at this time, please try again
> > > > > later".
>
> > > > > Please help me out of this problem. I have gone thru all previous
> > > > > discussions which are posted on the same issue. I didnt find any
> > > > > reasons.
>
> > > > > Thank you.
>
> > > > > regards,
>
> > > > > satya- Hide quoted text -
>
> > > > - Show quoted text -- Hide quoted text -
>
> > - Show quoted text -
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Google Apps APIs" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/google-apps-apis?hl=en
-~----------~----~----~----~------~----~------~--~---
