OpenSAML 3.4.1 saml2p:Response SignatureValue contains necoded CR

Ivaylo Milev i.milev at gmail.com
Fri Aug 13 09:30:30 UTC 2021


Hi guys,

Apologies if this is not the right list, but I am trying to get OpenSAML to
generate a saml2p:Response without any line breaks (or whitespace for that
matter), and could not find the OpenSAML specific list (got 404).

I have tried providing the -Dorg.apache.xml.security.ignoreLineBreaks=true
option to the JVM, but the output generated by OpenSAML 3.4.1 still
includes the 
 in the SignatureValue.

I know xml dig signature processors *should* be able to deal with /n and
/r/n cases, but I suspect a .NET client using Sustainsys2 doesn't.

Anyhow, I would appreciate any guidance on how to produce a Response that
has no &xd; characters (or CRLFs) in the SignatureValue, or one that has
been cannonicalized to exclude any superflous whitespace altogether.

Thanks,

Ivaylo

PS  I have been led to use org.apache.xml.security.ignoreLineBreaks=true by
the below:


https://shibboleth.atlassian.net/browse/OSJ-267?focusedCommentId=29666&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel&=
https://shibboleth.atlassian.net/browse/XSTJ-69
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20210813/c7efcf8d/attachment.htm>


More information about the users mailing list