FAQ¶
How to process received request or response ?¶
There are mainly three bindings: SOAP, Redirect or POST (whether you use ID-FFv1.2 or SAMLv2).
- With SOAP you must pass the body of the received POST request to the processing functions like
lasso_logout_process_request_msg.- with PHP, use
@file_get_contents('php://input'), - with Java, use
DataInputStream(request.getInputStream()).readUTF(), - with Perl or Python, it will depend upon you web framework.
- with PHP, use
- With HTTP-Redirect you must pass the query string i.e. the part of the URL after the character ? to the processing function.
- with PHP, use
$_SERVER["QUERY_STRING"], - with Java, use
request.getQueryString()if you use the standard Java servlet classes (HttpServletRequest), - with Perl or Python, it will depend upon you web framework.
- with PHP, use
- With HTTP-Post you must pass the content of the field containing the message, still Base64 encoded. For SAMLv2 it means the fields named
SAMLRequestandSAMLResponse. For ID-FFv1.2 it means the field namedLAREQorLARES.- with PHP, use
$_POST["SAMLRequest"], and replace the name of the field by the appropriate name, - with Java, use
request.getParameter("SAMLRequest") - with Perl or Python, it will depend upon you web framework.
- with PHP, use
Processing a request or a response returns LASSO_PROFILE_ERROR_CANNOT_VERIFY_SIGNATURE (or emit exception ProfileCannotVerifySignatureError or ProfileCannotVerifySignatureException) ?¶
It means the message you received was not signed. It usually means that your peer choose to not sign the message. If this is not a problem for your, just add this call before the processing,
lasso_profile_set_signature_verify_hint(LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE);
or with python:
profile.setSignatureVerifyHint(lasso.PROFILE_SIGNATURE_VERIFY_HINT_IGNORE)
or with java:
profile.setSignatureVerifyHint(LassoConstant.PROFILE_SIGNATURE_VERIFY_HINT_IGNORE);
or with PHP5