On Fri, Aug 27, 2010 at 6:49 AM, Scott Cantor <canto...@osu.edu> wrote: >> Any help or tips would be *much* appreciated. > > First tip is that posting signed XML in email won't help with debugging it, > it's already trashed at that point. Every character of whitespace matters.
OK. That might be hard to come by since the federation server is writing them out to its logs in who knows what manner. I can serialize the XML to a file on my end no problem, but not sure about how to go about this on the server side. If I succeed, I'll post them here as attachments ;-) > The general answer is that you need to obtain the digested octets on *both* > ends to compare them. > > You may find this helpful: > https://spaces.internet2.edu/display/OpenSAML/OSTwoUserManSigErrors This link is really useful. > Either the signer is buggy or you've corrupted the XML in transit, but the > only way to know is to compare the bits after c14n. Thanks for the advice, Scott. I'll give this another shot and post back here if I get stuck. -- Regards, Travis Spencer
