Hi, I see that you have two sets of <Signature> elements in your SAML response. One of them has the <KeyInfo> element but has no valid <KeyValue> value, which is required. Please make sure only include a valid Signature. Also, please remove both "-----BEGIN CERTIFICATE-----" and "-----END CERTIFICATE-----" from the <ds:X509Certificate> element as they should not be included.
Thanks, --Tony On Oct 29, 3:28 pm, Cyberlot <[EMAIL PROTECTED]> wrote: > Having issues with it accepting my request, below is a copy of the > whole form > > <form name="responseForm" action="https://www.google.com/a/phpjack.com/ > acs" method="post"> > <textarea name="SAMLResponse"><?xml version="1.0"?> > <samlp:Response xmlns="urn:oasis:names:tc:SAML:2.0:assertion" > xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; ID="pfx17f4e5f3-7f98-5ab5- > a40a-4339d92f3b03" IssueInstant="2008-10-29T22:04:25Z" Version="2.0" > Destination="https://www.google.com/a/phpjack.com/acs"; > InResponseTo="olimofobgdikicpieaejjfkngibbncklkjcopipd"> > <Signature xmlns="http://www.w3.org/2000/09/xmldsig#";> > <SignedInfo> > <CanonicalizationMethod Algorithm="http://www.w3.org/TR/ > 2001/REC-xml-c14n-20010315#WithComments"/> > <SignatureMethod Algorithm="http://www.w3.org/2000/09/ > xmldsig#rsa-sha1"/> > <Reference URI=""> > <Transforms> > <Transform Algorithm="http://www.w3.org/2000/09/ > xmldsig#enveloped-signature"/> > </Transforms> > <DigestMethod Algorithm="http://www.w3.org/2000/09/ > xmldsig#sha1"/> > <DigestValue/> > </Reference> > </SignedInfo> > <SignatureValue/> > <KeyInfo> > <KeyValue/> > </KeyInfo> > </Signature> > <samlp:Status> > <samlp:StatusCode Value="urn:oasis:names:tc:SAML: > 2.0:status:Success"/> > </samlp:Status> > <Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" > ID="egohdkfdipecpdomacjdmpaiopnpapoefnmihcmp" > IssueInstant="2008-10-29T22:04:25Z" Version="2.0"> > <Issuer>localdev.mashery.com</Issuer> > <Subject> > <NameID Format="urn:oasis:names:tc:SAML: > 1.1:nameid-format:emailAddress"> > [EMAIL PROTECTED] > </NameID> > <SubjectConfirmation > Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"> > <SubjectConfirmationData > Recipient="https://www.google.com/a/phpjack.com/acs"; > NotOnOrAfter="2008-10-29T22:36:51Z" > InResponseTo="olimofobgdikicpieaejjfkngibbncklkjcopipd"/> > </SubjectConfirmation> > </Subject> > <Conditions NotBefore="2008-10-29T22:21:51Z" > NotOnOrAfter="2008-10-29T22:36:51Z"> > <AudienceRestriction> > <Audience>https://www.google.com/a/ > phpjack.com/acs</Audience> > </AudienceRestriction> > </Conditions> > <AuthnStatement AuthnInstant="2008-10-29T22:26:51Z"> > <AuthnContext> > <AuthnContextClassRef> > urn:oasis:names:tc:SAML: > 2.0:ac:classes:Password > </AuthnContextClassRef> > </AuthnContext> > </AuthnStatement> > </Assertion> > <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> > <ds:SignedInfo><ds:CanonicalizationMethod > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> > <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/ > xmldsig#rsa-sha1"/> > <ds:Reference URI="#pfx17f4e5f3-7f98-5ab5- > a40a-4339d92f3b03"><ds:Transforms><ds:Transform > Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ > ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/ > xmldsig#sha1"/><ds:DigestValue>0HBU6gX4GHG3wtSYtanoBALfTVw=</ > ds:DigestValue></ds:Reference></ > ds:SignedInfo><ds:SignatureValue>mPJbgG7dh1H8uf8AhenuJaB9jepU5mvphA3FmT1j7I > CtDA7ktQGn5Nnpy22JXQqYrPM5IEdaox821w > +waaEEtihf4q5bYvJUT31TSaQykTCg45zv > +lPZJY3dIviwDzZjAbMrzt0L2hGDU1aUYnEIj7KoDGjipCKYTSnScA8kDb2RKbfbPviKmaky9uu > sfjM > +0E3iKR5J7kilgqwFS+4rUXQYn5GrysIXlmgVlmBal/pgbN7nww > +cTof9MJkUvsfCZl9HOhH7cFUvxDFk5qf1aNqiPYuDWrEqbH33+ > +KwnDnKlxUBcWOQAztV9dCV1hR8j7PW7J25oMJ2Zt/dTehqeCwKVwgueD4pcuXRba/ > 2jjYkVYFLzMGrBUO/ > BUCFwqstql1lVbSMrQeoysHktjo7eFxjzU7McknNkR0RTisxNgg317PjLI1orW3Rs9L93mVoDe0 > 7naAITjJeDjEnm7X47eYyiW/ > rDM3JgUhJpzyHzlMnjno7/xxLu4WLnxHda4t07E7Fq8cn6EIw6weSQaH1xbgCZInp > +X8BB2HJKrU1dOUByEWhpCKBgYMpoFLO0fmN4vqyYuRsgLWN2teSsuP > +971a7ySCUjaKCVhwPOfqEPjGw+hGp2l1hPS/ > 0NtFNsRD7J5gQZIgMIQUMlieQMNBIt1JYVPw6+xdMqMPR4JxRKY=</ > ds:SignatureValue> > <ds:KeyInfo><ds:X509Data><ds:X509Certificate>-----BEGIN > CERTIFICATE----- > MIIGszCCBJugAwIBAgIJAJ4ngRfIIMGkMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYD > VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEZyYW4x > EDAOBgNVBAoTB01hc2hlcnkxEDAOBgNVBAsTB01hc2hlcnkxGDAWBgNVBAMTD3d3 > dy5tYXNoZXJ5LmNvbTEiMCAGCSqGSIb3DQEJARYTcmljaGFyZEBtYXNoZXJ5LmNv > bTAeFw0wODA4MDUxNzM0MTNaFw0wOTA4MDUxNzM0MTNaMIGXMQswCQYDVQQGEwJV > UzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIU2FuIEZyYW4xEDAOBgNV > BAoTB01hc2hlcnkxEDAOBgNVBAsTB01hc2hlcnkxGDAWBgNVBAMTD3d3dy5tYXNo > ZXJ5LmNvbTEiMCAGCSqGSIb3DQEJARYTcmljaGFyZEBtYXNoZXJ5LmNvbTCCAiIw > DQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAKYIjIcom+aidLRg6jLgvtaVlQWA > 3tXGGpsO9tYekl81b7hTkZoa6+1In91JNQtJT6UAIrsS7reXd8m3lH+LY5QuSbJs > 832rRSugqSn0wBNMmU6jR8Cd6C7TfJUq4SRRXg/yihgscwK+1tzGGIQ+Vv3TAbek > RNtEw/yVDavqGwqGBtt48kQaW2XulNaBYiAy35+EQXFmy8DKqPHNTrMUVWmAAXr/ > lOvZFiPTtpX1/gQJ4D79V6Q6abhX7TsVA4X94X2oxFW2BDlYH+p6r96N9liFKPxi > hKltrKPk/XK+bBe5M9QkPu64fVX9rs+FkjLgovqZ3XyHgME69tfwJd8G3sw+dnFc > 1zF7jX7s0uBrUUjKYr37NTgSIoBXrXcPn9vIJlP1c0YJlUBsIvGrFS67g+ch+Pyg > qQ3aCrXkzvGKOEYoB481Jq5SCe+jeiC2TVkO8HAlyYX0skT4LTqinI/VgqvOgB4C > CibTeTUOMqs5TPP2E2cKAD9rXVEiXhTwYNLX5jYV2HKEqtTRaVlWujaohdQDeq1Y > qEy/P4DJEXDrdV5MuwYx4FLaoT4Z741TBk115gjVSfpCgd+t7XNhGsLve8ETIV7l > G0u9MqHu3LCE06Ddt2Due9LcknlZdZ8akGWwfvHfCvN0y8WiBdl14jTpp75phqQs > zfoZmoxDcwegrCsFAgMBAAGjgf8wgfwwHQYDVR0OBBYEFMaoFS32mJWLZLQh0d2H > ankEe0+CMIHMBgNVHSMEgcQwgcGAFMaoFS32mJWLZLQh0d2HankEe0+CoYGdpIGa > MIGXMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMI > U2FuIEZyYW4xEDAOBgNVBAoTB01hc2hlcnkxEDAOBgNVBAsTB01hc2hlcnkxGDAW > BgNVBAMTD3d3dy5tYXNoZXJ5LmNvbTEiMCAGCSqGSIb3DQEJARYTcmljaGFyZEBt > YXNoZXJ5LmNvbYIJAJ4ngRfIIMGkMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF > BQADggIBAKIjUz8LwW8VoSEZ0Y2VRFmWicUq/nZp5wuWlWi0RWOpcbxZ5WUB4IWt > OrFuJ7S8SvqOPB32m8tCM5fhYbNl/ZKgduYts3YL4EqLA8Eflg5j7BNb42ZNcZAM > cZTXl09v3zdKJb5GAH54X8agDABQ4mvLRCt3ycUZr3VtzQgLwjgZcD1okF06nyQA > PK/ksB8O+yVw3bI4EkctgLbmBYbn5/OFWzHVNIpMamaSSyrcuqNqBHSHCaank5/B > O/W0jt5MGq4lnKnSPYn4EByEdfqrTE6OJmUF4MAlcMaGsWI4jhVddHkBj4kPlpkz > mwoceS435Hy/waCEJKQhyclv3wWhCl6NVmEiAeh3W/XBxCZk7li8kaYuOEsj3Z5g > AqZws/Zr6e+NToUoB2qdsKlYZXau8zkEbxl2fxQZMoT/FuQq1LS7OtJoIM6T5kER > wdiqgmgh7TC6VBWw5rRaz2uk5/gHt0jWLq6+38SwYi4d3l+HnpFi4C1P3qwe5c0A > dT+TitephrE3pK7MIPQaq8TvPz7gPRRDqtZumIrcV62xr5XOH73Z4/uffV9LHrWs > rXi1IUqbc+ooslqQB13xw4DVV9flQBqQrgH+gS45ZJLkoIKvlaa/snDkHcLPs8Ut > s/jA3Lr/loGIrg8UkpYGexYFwOTaxZfdHsleLJ35CnJUGH46WUBB > -----END CERTIFICATE----- > </ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature></ > samlp:Response> > </textarea> > <input type=hidden name="RelayState" value="https://www.google.com/ > a/phpjack.com/ServiceLogin? > service=writely&passive=true&nui=1&continue=http%3A%2F > %2Fdocs.google.com%2Fa%2Fphpjack.com%2F"> > <input type=submit value="Go"> > </form> --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Google Apps APIs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/google-apps-apis?hl=en -~----------~----~----~----~------~----~------~--~---
