Java c14n Canonicalizer is switching up the attribute order of the canonicalized XML assertion.
The canonicalizer is outputting the following string post canonicaliztion:
<saml:Assertion ID="_llhn27aoVN60ug" IssueInstant="2021-11-26T22:10:37.067073Z" Version="2.0" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion
However, according to the canonicalizer documentation , xmlns:saml attribute should come before the SAML: Assertion ID attribute.
This change in the ordering of the attributes is preventing the accurate calculation of the digest value.
I am using the following canonicalizer:
org.apache.xml.security.c14n.Canonicalizer
Does anyone have any idea on as to how this can be fixed ?
