Validating saml updating my blackberry 8530
You may want to validate that the installed certificate is correct after installation.Read the certificate "fingerprint" by inspecting the certificate as described above.
I have verified the SAML response with other tools, so I know it is valid (excluding timing issues, not a factor to the digital signature).
The information sent between id.and your application is sent over internet, and could in theory be tampered with by the user or other individuals with malicious intentions. We recommend to install the CA certificate and validate the incoming SAML responses using this certificate.
The name of the certificate is used as input to the library you are using for validating SAML responses from id.
they are stateless and traverse the , here's how: Alternatively, you may wish to attach validators directly to the SAMLObject and evaluate them at some point later.
without validating signature, expiration and audience. It allows you to get information from the token like the Issuer name in order to obtain the right public key to validate the token in a multi-providers scenario.