Sick of Acronyms Archive Pages Categories Tags

OpenSAML and Infocard

15 June 2007

OpenSAML (to include Apache Xmlsec) and the PHP RP seem to disagree about what to do with unused namespaces during canonicalization. Xmlsec strips out the namespace declaration, whereas the PHP keeps it in. Looking at the spec, I'm going to side with Xmlsec.

Raw XML:

<attribute xsd="http://www.w3.org/2001/XMLSchema" xsi="http://www.w3.org/2001/XMLSchema-instance" attributename="surname" attributenamespace="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"><attributevalue>MyLastName</attributevalue></attribute>

XmlSec:

<Attribute AttributeName="surname" AttributeNamespace="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"><AttributeValue>MyLastName</AttributeValue></Attribute>

PHP:

<Attribute xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" AttributeName="surname" AttributeNamespace="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname"><AttributeValue>MyLastName</AttributeValue></Attribute>
Fork me on GitHub