I’m trying to sign an authnRequest with SAML2Signature , the document is signed but the signature is not valid ,since i added extensions to my request , this is the code i used :
signSamlRequest(Document document, String correlationId) {
*** try {***
*** PrivateKey privateKey = SamlHelper.loadPrivateKeyFromFile(“private_key.pem”);***
*** X509Certificate certificate = SamlHelper.loadX509CertificateFromFile(“certificate.crt”);***
*** PublicKey publicKey = SamlHelper.loadPublicKeyFromFile(“public_key.pem”);***
*** KeyPair keyPair = new KeyPair(publicKey, privateKey);***
*** SAML2Signature samlSignature = new SAML2Signature();***
*** samlSignature.setX509Certificate(certificate);***
*** samlSignature.setDigestMethod(SignatureAlgorithm.RSA_SHA512.getXmlSignatureDigestMethod());***
*** samlSignature.setSignatureMethod(SignatureAlgorithm.RSA_SHA512.getXmlSignatureMethod());***
*** samlSignature.setSignatureIncludeKeyInfo(true);***
*** samlSignature.setNextSibling(samlSignature.getNextSiblingOfIssuer(document));***
*** samlSignature.signSAMLDocument(document, null, keyPair, Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);***
*** HardcodedKeyLocator keyLocator = new HardcodedKeyLocator(publicKey);***
*** log.info(“{} : SAMLRequest : is signature validated ? : {}”, correlationId, samlSignature.validate(document, keyLocator));***
*** } catch (ProcessingException e) {***
*** log.error(“{} : Error while signing SAML request”, correlationId, e);***
*** }***