Forums - C# Corner

Forum guidelines

How can validate SAML Assertion in .net

Jun 30 2011 1:32 AM
Hi All,

I am getting the valid SAML response from the vendor and I just want to validate SAML Assertion.

Below is the SAML response and I have mask few things with xxxxxxxxxxxxxxxxxxxxxx due to vendor concern.


http://xxxxxxxxxx.com/




http://xxxxxx.com/










xxxxxxxxxxxxxxxxxxxxxxx



xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx




xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx





xxxxxxxx

xxx





staff






http://xxxxxxxxxxxxxxxx.com









http://xxxx.com/





I have tried the below code in the .NET 3.5 web application and I am always getting the invalid signature message from the code. Please have a look in the code and suggest me.

Thanks in Advance.

XmlDocument doc = new XmlDocument();

doc.Load(Server.MapPath("SAML.xml"));

SignedXml signer = new CustomIdSignedXml(doc);

signer.AddReference(new Reference("#_d4559638-3abf-4433-9fad-b10f8a950351"));
// _d4559638-3abf-4433-9fad-b10f8a950351 is used as reference to DigestMethod & DigestValue.

signer.SigningKey = new RSACryptoServiceProvider();

signer.ComputeSignature();

string s = signer.GetXml().OuterXml;

SignedXml verifier = new CustomIdSignedXml(doc);

verifier.LoadXml(signer.GetXml());

if (verifier.CheckSignature(signer.SigningKey))
     Response.Write("Signature verified");
else
     Response.Write("Invalid signature");




Answers (2)

Join a Chapter

SPONSORED BY

Custom Software Development
MCN is your source for developing solutions involving websites, mobile apps, cloud-computing, databases, BI, back-end services and processes and client-server applications.