How do I locally validate SAML assertions that are signed from various keys?

Solution Unverified - Updated -

Issue

  • There are more than one possible key that I need to check to verify the signature of an incoming SAML assertion. Currently it seems that SAML2STSLoginModule only checks one certificate for matching purposes. How do I locally validate SAML assertions that are signed from various keys?

Environment

  • JBoss Enterprise Application Platform (EAP) 6.1+

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content