SAML debugger not decoding correctly?

12 views
Skip to first unread message

hortitude

unread,
Dec 17, 2009, 5:48:16 PM12/17/09
to simpleSAMLphp
I am testing my site using simplesamlphp as both the service provider
and the identify provider (each is installed on two separate
machines).

This has been working great.

I went to look at the metadata using the saml2debugger module.

I copied the header into the box and it was able to decode.

However, I can visually see in the header that it is sending the
"RelayState" so that I will go to the correct page after
authentiation. I don't see this RelayState in the decoded message.

Any thoughts?

Thanks!

Olav Morken

unread,
Dec 18, 2009, 1:53:33 AM12/18/09
to simple...@googlegroups.com
On Thu, Dec 17, 2009 at 14:48:16 -0800, hortitude wrote:
> I am testing my site using simplesamlphp as both the service provider
> and the identify provider (each is installed on two separate
> machines).
>
> This has been working great.
>
> I went to look at the metadata using the saml2debugger module.

I assume that you meant authentication request here, and not metadata?

> I copied the header into the box and it was able to decode.
>
> However, I can visually see in the header that it is sending the
> "RelayState" so that I will go to the correct page after
> authentiation. I don't see this RelayState in the decoded message.
>
> Any thoughts?

The RelayState isn't part of the message, it is a piece of additional
data for the bindings (i.e. HTTP-Redirect and HTTP-POST) that is used.
As such, it isn't included when you decode the message.

More information can be found in the SAML 2 binding specification:
http://docs.oasis-open.org/security/saml/v2.0/saml-bindings-2.0-os.pdf

--
Olav Morken

Reply all
Reply to author
Forward
0 new messages