supplied TrustEngine failed to validate SSL/TLS server certificate - while validating the saml response send by idp to SP
Peter Schober
peter.schober at univie.ac.at
Fri Jul 27 07:41:33 EDT 2018
Forgot to comment on some of your statements:
* anuptiwary <anup.kr.tiwary at gmail.com> [2018-07-27 13:05]:
> As I can see in idp-process log, there is attribute principalId
> which is released by idp
No, your log states:
"No attributes remained after encoding and filtering by value, no
attribute statement built"
So no attributes have been released. From other log lines that's
because it has no encoder attached to it. So your resolver is likely
wrong.
> but seems my attribute-mapping or some other mapping does not hold
> true to pass it to SP.
That wouldn't make a missing attribute appear, but we also don't know
your attribute map.
> I have now configured below line (where principleId is now added) after
> looking at idp-process logs.
>
> <ApplicationDefaults entityID="http://localhost:8080/WebUI"
> REMOTE_USER="principalId sn eppn persistent-id targeted-id NameID"
> signing="false" encryption="false" attributePrefix="AJP_"
> homeURL="http://localhost:8080/WebUI">
That's not how/where you map attributes. Also "sn" is not appropriate
as a unique identifier, and "NameID" probably doesn't exist, unless
you have created it in your attribute-map.xml.
-peter
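
A check for the REMOTE_USER point in the message above, added here as an example and not taken from the post or from the Shibboleth project: it lists the ids named in REMOTE_USER that have no matching `id` in attribute-map.xml and flags `sn` as a non-unique identifier. Both XML documents are constructed samples (the map contents and namespaces are assumptions), and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample: ApplicationDefaults as quoted in the thread.
SHIBBOLETH2_XML = """<SPConfig xmlns="urn:mace:shibboleth:2.0:native:sp:config">
  <ApplicationDefaults entityID="http://localhost:8080/WebUI"
      REMOTE_USER="principalId sn eppn persistent-id targeted-id NameID"
      signing="false" encryption="false" attributePrefix="AJP_"
      homeURL="http://localhost:8080/WebUI"/>
</SPConfig>"""

# Constructed sample attribute-map.xml (assumed contents, not the poster's file).
ATTRIBUTE_MAP_XML = """<Attributes xmlns="urn:mace:shibboleth:2.0:attribute-map">
  <Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6" id="eppn"/>
  <Attribute name="urn:oid:2.5.4.4" id="sn"/>
  <Attribute name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10" id="persistent-id"/>
</Attributes>"""


def _local(tag):
    """Strip the XML namespace so SP 2.x and 3.x configs parse alike."""
    return tag.rsplit("}", 1)[-1]


def remote_user_ids(sp_config_xml):
    """Return the ordered attribute ids listed in REMOTE_USER."""
    for el in ET.fromstring(sp_config_xml).iter():
        if _local(el.tag) == "ApplicationDefaults":
            return el.get("REMOTE_USER", "").split()
    return []


def mapped_ids(attribute_map_xml):
    """Return every id the attribute map can produce."""
    return {el.get("id") for el in ET.fromstring(attribute_map_xml).iter()
            if _local(el.tag) == "Attribute" and el.get("id")}


def audit_remote_user(sp_config_xml, attribute_map_xml,
                      non_unique=frozenset({"sn"})):
    """Report REMOTE_USER ids that are unmapped or unsuitable as identifiers.

    non_unique is an assumed deny-list; the thread names only "sn".
    """
    ids = remote_user_ids(sp_config_xml)
    known = mapped_ids(attribute_map_xml)
    return {"unmapped": [i for i in ids if i not in known],
            "not_unique": [i for i in ids if i in non_unique]}


if __name__ == "__main__":
    print(audit_remote_user(SHIBBOLETH2_XML, ATTRIBUTE_MAP_XML))
```

An id reported as unmapped can never populate REMOTE_USER, whatever the IdP releases.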