Issue with URL re-direct after IDP authentication - signing Assertion
Justin Russo
justin9 at ymail.com
Thu Jul 11 16:27:00 EDT 2013
Turning them off would imply my SP is not a trusted one with the IDP.
It will work but i'm not sure whether there might be any consequences in future.
________________________________
From: Peter Schober <peter.schober at univie.ac.at>
To: users at shibboleth.net
Sent: Thursday, July 11, 2013 4:21 PM
Subject: Re: Issue with URL re-direct after IDP authentication - signing Assertion
* justin9 <justin9 at ymail.com> [2013-07-11 22:17]:
> <ns1:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
> xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion">https://myidp.org/SAML2/IDP</ns1:Issuer>
> <Status>
> <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Requester">
> <StatusCode
> Value="urn:oasis:names:tc:SAML:2.0:status:RequestDenied"/>
> </StatusCode>
> <StatusMessage>Invalid signature.</StatusMessage>
> </Status>
> </Response>
Try turning encryption and signing (of authentication requests) off
again in your SP, which is what Scott already told you 3 times now.
No idea why that would not happen on any authentication request from
your SP, though.
-peter
--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://shibboleth.net/pipermail/users/attachments/20130711/d7386763/attachment.html
More information about the users
mailing list