Hi alex, Thank you for your response. We've successfully executed every thing in local as well as in online also. But i've one problem. i want to be execute entire demo code by clicking the button and it has to be go directly to the gmail page. I did the first one, but gmail page is opening in another window. i want to be open the gmail page in same page. And i've tested the code by removing "target="_blank" in identity_provider.php fie but it is going to the google login page. could you please help on this.
thank you regards satya On Nov 30, 3:46 am, "Alex (Google)" <[EMAIL PROTECTED]> wrote: > $cmd looks wrong. Can you look it over? Compare it to the original: > > $cmd = 'C:\libs\xmlsec-win32\xmlsec sign --privkey-pem ' . > $privKey . > ' --pubkey-der ' . $pubKey . ' --output ' . > $tempFileName . > '.out ' . $tempFileName; > > -alex > > On Nov 29, 4:03 am, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> > wrote: > > > > > hi > > > i've executed below commands in openssl > > > 1.openssl dsaparam -out dsaparam.pem 1024 > > 2.openssl gendsa -out dsaprivkey.pem dsaparam.pem > > 3.openssl dsa -in dsaprivkey.pem -outform DER -pubout -out > > dsapubkey.der > > 4.openssl pkcs8 -topk8 -inform PEM -outform DER -in dsaprivkey.pem - > > out dsaprivkey.der -nocrypt > > 5.openssl req -new -x509 -key dsaprivkey.pem -out dsacert.pem > > > And in process_response.php > > > $pubKey = 'keys/dsapubkey.der'; > > $privKey = 'keys/dsaprivkey.pem'; > > $keyType = 'dsa'; > > > And the > > > $cmd =C:\libs\xmlsec-win32\xmlsec sign --privkey-cert keys/ > > dsaprivkey.pem --pubkey-cert keys/dsapubkey.key --output saml-response- > > ecgbacfkpgaojkmebbhnphhpfpiknfbgimobpage.xml.out > > > tell me is there any thing wrong > > > On Nov 29, 4:49 pm, "Alex (Google)" <[EMAIL PROTECTED]> wrote: > > > > The KeyValue is empty. > > > > What was the exact sequence of openssl commands you executed? > > > > What did you change $privKey, $pubKey and $cmd to in > > > process_response.php? > > > > -alex > > > > On Nov 29, 2:51 am, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> > > > wrote: > > > > > Thank YOU for yor reply here i'm pasting saml response could pls check > > > > this > > > > > " > > > > <saml:Response ID="cimcldciieeamcbohoeonnodmbjjjageckoomhel" > > > > IssueInstant="2007-11-29T05:55:46Z" Version="2.0" > > > > Destination="https://www.google.com/a/unifyingchurch.net/acs"; > > > > InResponseTo="nknijgmdifpfbohdabohmfegclfkhjaijpakoege" > > > > xmlns="urn:oasis:names:tc:SAML:2.0:assertion" > > > > xmlns:saml="urn:oasis:names:tc:SAML:2.0:protocol" > > > > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";> > > > > <Signature xmlns="http://www.w3.org/2000/09/xmldsig#";> > > > > <SignedInfo> > > > > <CanonicalizationMethod Algorithm="http://www.w3.org/TR/ > > > > 2001/REC-xml-c14n-20010315#WithComments" /> > > > > <SignatureMethod Algorithm="http://www.w3.org/2000/09/ > > > > xmldsig#dsa-sha1" /> > > > > <Reference URI=""> > > > > <Transforms> > > > > <Transform Algorithm="http://www.w3.org/2000/09/ > > > > xmldsig#enveloped-signature" /> > > > > </Transforms> > > > > <DigestMethod Algorithm="http://www.w3.org/2000/09/ > > > > xmldsig#sha1" /> > > > > <DigestValue></DigestValue> > > > > </Reference> > > > > </SignedInfo> > > > > <SignatureValue>SkoEIQ749Iq1YGm6P1YHu+6yns1wb7EMJwyB83xmk2RkIw > > > > +//zYxjA==</SignatureValue> > > > > <KeyInfo> > > > > <KeyValue></KeyValue> > > > > </KeyInfo> > > > > </Signature> > > > > <saml:Status> > > > > <saml:StatusCode > > > > Value="urn:oasis:names:tc:SAML:2.0:status:Success"/ > > > > > </saml:Status> > > > > <Assertion ID="ffahdnefcokaiadnebihkkmbhkhhcilmifclphnj" > > > > IssueInstant="2007-11-29T05:55:46Z" Version="2.0" > > > > xmlns="urn:oasis:names:tc:SAML:2.0:assertion"> > > > > <Issuer>unifyingchurch.net</Issuer> > > > > <Subject> > > > > <NameID > > > > Format='urn:oasis:names:tc:SAML:2.0:nameid- > > > > format:emailAddress'> > > > > martini > > > > </NameID> > > > > <SubjectConfirmation > > > > Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/ > > > > > </Subject> > > > > <Conditions NotBefore="2007-11-29T05:50:46Z" > > > > NotOnOrAfter="2007-11-29T06:05:46Z"> > > > > </Conditions> > > > > <AuthnStatement AuthnInstant="2007-11-29T05:55:46Z"> > > > > <AuthnContext> > > > > <AuthnContextClassRef> > > > > > > > > urn:oasis:names:tc:SAML:2.0:ac:classes:Password > > > > </AuthnContextClassRef> > > > > </AuthnContext> > > > > </AuthnStatement> > > > > </Assertion> > > > > </saml:Response> > > > > > " > > > > > I've generated the certificate by following the insrtructions in the > > > > below url > > > > >http://code.google.com/support/bin/answer.py?answer=71864&topic=12142... > > > > > pls tell me is there any thing wrong. > > > > > On Nov 29, 1:59 pm, "Alex (Google)" <[EMAIL PROTECTED]> wrote: > > > > > > Hi Satya, > > > > > > Can you post or upload the SAMLResponse? That error message usually > > > > > indicates some problem with the SAMLResponse. > > > > > > -alex > > > > > > On Nov 27, 4:06 am, "[EMAIL PROTECTED]" <[EMAIL PROTECTED]> > > > > > wrote: > > > > > > > Hi, > > > > > > > Please help me on this. > > > > > > I integrated saml v2.0. In that I've created my own dsapublickey and > > > > > > dsaprivate key. With both of these i've created dsa certificate and > > > > > > i've uploaded it into the google apps. > > > > > > After executing the sample demo code i got error like below : > > > > > > > "This account cannot be accessed because we could not parse the > > > > > > login > > > > > > request. > > > > > > We are unable to process your request at this time, please try again > > > > > > later". > > > > > > > Please help me out of this problem. I have gone thru all previous > > > > > > discussions which are posted on the same issue. I didnt find any > > > > > > reasons. > > > > > > > Thank you. > > > > > > > regards, > > > > > > > satya- Hide quoted text - > > > > > > - Show quoted text -- Hide quoted text - > > > > - Show quoted text -- Hide quoted text - > > - Show quoted text - --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
