h1. FAQ

h2. How to process received request or response ?

There are mainly three bindings: SOAP, Redirect or POST (whether you use ID-FFv1.2 or SAMLv2).

* With SOAP you must pass the body of the received POST request to the processing functions like @lasso_logout_process_request_msg@.
** with PHP, use @@file_get_contents('php://input')@,
** with Java, use @DataInputStream(request.getInputStream()).readUTF()@,
** with Perl or Python, it will depend upon you web framework.

* With HTTP-Redirect you must pass the query string i.e. the part of the URL after the character ? to the processing function. 
** with PHP, use @$_SERVER["QUERY_STRING"]@,
** with Java, use @request.getQueryString()@ if you use the standard Java servlet classes (@HttpServletRequest@),
** with Perl or Python, it will depend upon you web framework.

* With HTTP-Post you must pass the content of the field containing the message, still Base64 encoded. For SAMLv2 it means the fields named @SAMLRequest@ and @SAMLResponse@. For ID-FFv1.2 it means the field named @LAREQ@ or @LARES@.
** with PHP, use @$_POST["SAMLRequest"]@, and replace the name of the field by the appropriate name,
** with Java, use @request.getParameter("SAMLRequest")@
** with Perl or Python, it will depend upon you web framework.

h2. Processing a request or a response returns @LASSO_PROFILE_ERROR_CANNOT_VERIFY_SIGNATURE@ (or emit exception @ProfileCannotVerifySignatureError@ or @ProfileCannotVerifySignatureException@) ?

It means the message you received was not signed. It usually means that your peer choose to not sign the message. If this is not a problem for your, just add this call before the processing,

<pre>
lasso_profile_set_signature_verify_hint(LASSO_PROFILE_SIGNATURE_VERIFY_HINT_IGNORE);
</pre>

or with python:

<pre>
profile.setSignatureVerifyHint(lasso.PROFILE_SIGNATURE_VERIFY_HINT_IGNORE)
</pre>

or with java:

<pre>
profile.setSignatureVerifyHint(LassoConstant.PROFILE_SIGNATURE_VERIFY_HINT_IGNORE);
</pre>

or with PHP5