Issue with RSA signing in IBM DataPower

Soujanya Bargavi 6 years ago updated by Rafał Strzaliński (Senior Engineer) 6 years ago 1

I am unable to generate specific sections of SAML assertions in IBM DataPower while trying to digitally sign a request (Product details: Build: 277257, Firmware: IDG. I have the uploaded the public crypto certificate on DataPower but I am unable to configure DataPower to generate the following two sections (The below is the format in which the backend expects the DataPower output):


<ds:KeyInfo Id="KeyId-xxx">
  <wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" wsu:Id="xxx" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
    <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID">xxx</wsse:KeyIdentifier>

Are there any settings on DataPower to generate these header? Or we need to place a custom XSL transform to generate these headers?



IBM DataPower is not our product. We do not provide support for this product. Please call IBM.