As Identity, We want SAML Mapping messages encoded coming in to Identity and decoded using Identity's Repose, using HTTP Post Binding So that character encoding issues are eliminated.
Message in as encoded as http post, comes out as xml.
Assuming content type is correct, take http request, get.parm.saml.response, get string back, decode string.
Do decoding SAML response parameter based on:
SAML Mapping messages decoded from a HTTP Post Binding
The SAML Response XML will be in the "SAMLResponse" field and will be URL and base64 encoded.
There may be other fields such as "RelayState" which should be dropped.
Content type of the request should be changed to application/xml
Its presence in the filter chain indicates the filter should process the request under the following conditions:
Method is POST, otherwise 405 - Method Not Allowed
Content type matches application/x-www-form-urlencoded, otherwise 415 - Unsupported Media Type
Body contains field "SAMLResponse", otherwise 400?
proper error handling is present for pieces that fail