How to process received request or response ?

There are mainly three bindings: SOAP, Redirect or POST (whether you use ID-FFv1.2 or SAMLv2).

  • With SOAP you must pass the body of the received POST request to the processing functions like lasso_logout_process_request_msg.
    • with PHP, use @file_get_contents('php://input'),
    • with Java, use DataInputStream(request.getInputStream()).readUTF(),
    • with Perl or Python, it will depend upon you web framework.
  • With HTTP-Redirect you must pass the query string i.e. the part of the URL after the character ? to the processing function.
    • with PHP, use $_SERVER["QUERY_STRING"],
    • with Java, use request.getQueryString() if you use the standard Java servlet classes (HttpServletRequest),
    • with Perl or Python, it will depend upon you web framework.
  • With HTTP-Post you must pass the content of the field containing the message, still Base64 encoded. For SAMLv2 it means the fields named SAMLRequest and SAMLResponse. For ID-FFv1.2 it means the field named LAREQ or LARES.
    • with PHP, use $_POST["SAMLRequest"], and replace the name of the field by the appropriate name,
    • with Java, use request.getParameter("SAMLRequest")
    • with Perl or Python, it will depend upon you web framework.

Processing a request or a response returns LASSO_PROFILE_ERROR_CANNOT_VERIFY_SIGNATURE (or emit exception ProfileCannotVerifySignatureError or ProfileCannotVerifySignatureException) ?

It means the message you received was not signed. It usually means that your peer choose to not sign the message. If this is not a problem for your, just add this call before the processing,


or with python:


or with java:


or with PHP5

Also available in: PDF HTML TXT