Ian Hummel wrote:
> signature = new XMLSignature(signatureElement,
>     System.getProperty("java.io.tmpdir"));
That second arg doesn't look right, it's the base URI for resolving
relative URI references. The examples you saw may have that because
they were signing files that lived in that directory or something (so a
detached signature). For this kind of enveloped signature with a same
document fragment URI, just pass an "" (empty string) there. May or may
not be the actual problem.
> SignedInfo signedInfo = signature.getSignedInfo();
> logger.info("signedInfo? " + signedInfo);
> signature.setFollowNestedManifests(true);
You don't need to set that flag. You don't have any Manifests in an
enveloped SAML Assertion signature like this. It probably is not doing
anything bad, so I doubt it is the problem.
Everything else looks good off-hand.
--Brent
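
An added example, not part of the original message or of the poster's code: an enveloped signature over a same-document fragment URI, created and then verified with Apache XML Security using "" as the base URI. The sample assertion, the `_a1` ID, the class name and the throwaway RSA key are constructed for illustration; registering `ID` as an ID-typed attribute is an assumption about how the fragment reference gets resolved in a freshly parsed DOM.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import javax.xml.parsers.DocumentBuilderFactory;
import org.apache.xml.security.algorithms.MessageDigestAlgorithm;
import org.apache.xml.security.signature.XMLSignature;
import org.apache.xml.security.transforms.Transforms;
import org.apache.xml.security.utils.Constants;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

public class EnvelopedVerifyExample {
    public static void main(String[] args) throws Exception {
        org.apache.xml.security.Init.init();

        // Constructed sample: a minimal SAML 2.0-shaped assertion, not a real one.
        String xml = "<saml:Assertion xmlns:saml=\"urn:oasis:names:tc:SAML:2.0:assertion\""
                + " ID=\"_a1\"><saml:Issuer>https://idp.example.test</saml:Issuer></saml:Assertion>";
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true); // required for ds:Signature handling
        Document doc = dbf.newDocumentBuilder()
                .parse(new ByteArrayInputStream(xml.getBytes(StandardCharsets.UTF_8)));
        Element assertion = doc.getDocumentElement();
        // "#_a1" resolves only if ID is registered as an ID-typed attribute.
        assertion.setIdAttributeNS(null, "ID", true);

        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair kp = kpg.generateKeyPair(); // throwaway key for the demo

        // Sign: enveloped signature referencing the same-document fragment.
        XMLSignature signer = new XMLSignature(doc, "", XMLSignature.ALGO_ID_SIGNATURE_RSA_SHA256);
        assertion.appendChild(signer.getElement());
        Transforms transforms = new Transforms(doc);
        transforms.addTransform(Transforms.TRANSFORM_ENVELOPED_SIGNATURE);
        transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
        signer.addDocument("#_a1", transforms, MessageDigestAlgorithm.ALGO_ID_DIGEST_SHA256);
        signer.sign(kp.getPrivate());

        // Verify: nothing external is dereferenced, so the base URI is "".
        Element sigElement = (Element) doc
                .getElementsByTagNameNS(Constants.SignatureSpecNS, "Signature").item(0);
        XMLSignature signature = new XMLSignature(sigElement, "");
        System.out.println("untouched: " + signature.checkSignatureValue(kp.getPublic()));

        // Change signed content and verify again with a fresh XMLSignature.
        assertion.getFirstChild().setTextContent("https://tampered.example.test");
        XMLSignature recheck = new XMLSignature(sigElement, "");
        System.out.println("modified:  " + recheck.checkSignatureValue(kp.getPublic()));
    }
}
```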