I ran into a problem today while working with the Ruby SAMLToolkit, an open source project by the OneLogin Identity Provider. This toolkit offers a relatively easy way to implement SAML authentication into your Rails application. Ratified in 2005 as an OASIS standard, SAML is definitely a great protocol to use for single sign on solutions in your application.
Since SAML is an XML based protocol, I’m sure you can image that in the Rails world, the nokogiri gem would prove useful in implementing SAML single sign on inside a rails app, since nokogiri enables robust document parsing, which is needed for the XML used by SAML.
And sure enough, the Ruby SAML Toolkit utilizes nokogiri!
But there’s a gotcha here. Nokogiri has a Nokogiri::XML module with a few constants: XML_C14N_1_0, XML_C14N_EXCLUSIVE_1_0, and. XML_C14N_1_1. These constants are utilized depending on the standard serialization of the SAML XML being processed during the single sign on handshakes between your application and the identity provider. Continue reading