<EntitiesDescriptor
xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+ xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
<EntityDescriptor
entityID="https://idp.example.org">
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<KeyDescriptor use="signing">
- <ds:KeyInfo>
+ <ds:KeyInfo Id="examplekey">
<ds:KeyName>sp.example.org</ds:KeyName>
<ds:X509Data>
<ds:X509Certificate>
</EntityDescriptor>
+<EntityDescriptor
+ entityID="https://idp3.example.org">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds11:KeyInfoReference URI="#examplekey"/>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <SingleSignOnService Binding="foo" Location="foo"/>
+ </IDPSSODescriptor>
+
+</EntityDescriptor>
+
</EntitiesDescriptor>
\ No newline at end of file
janitor2.release();
Locker locker(metadataProvider.get());
- const EntityDescriptor* descriptor = metadataProvider->getEntityDescriptor(MetadataProvider::Criteria("https://idp.example.org")).first;
+ const EntityDescriptor* descriptor = metadataProvider->getEntityDescriptor(MetadataProvider::Criteria("https://idp3.example.org")).first;
TSM_ASSERT("Retrieved entity descriptor was null", descriptor!=nullptr);
RoleDescriptor* role=descriptor->getIDPSSODescriptors().front();
TSM_ASSERT("Signature not present", sig!=nullptr);
MetadataCredentialCriteria cc(*role);
- cc.setPeerName("https://idp.example.org");
+ cc.setPeerName("https://idp3.example.org");
TSM_ASSERT("Signature failed to validate.", dynamic_cast<SignatureTrustEngine*>(trustEngine.get())->validate(*sig, *metadataProvider, &cc));
descriptor = metadataProvider->getEntityDescriptor(MetadataProvider::Criteria("https://idp2.example.org")).first;