<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="#0563C1" vlink="#954F72" style="word-wrap:break-word">
<div class="WordSection1">
<p class="MsoNormal">Trying to find the reason for this error. “The request cannot be fulfilled because the message received does not meet the security requirements of the login service”<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">The Metadata config has been checked and is per the vendor’s recommendation.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Not seeing errors, but warnings. <o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">2022-10-27 15:11:46,668 - DEBUG [PROTOCOL_MESSAGE:127] - 123.123.123.123 - node01ac1xhe309ceqenezc35zwf2k394828 -<o:p></o:p></p>
<p class="MsoNormal"><?xml version="1.0" encoding="UTF-8"?><o:p></o:p></p>
<p class="MsoNormal"><samlp:AuthnRequest<o:p></o:p></p>
<p class="MsoNormal"> AssertionConsumerServiceURL=<a href="https://somesp.somesp.com/saml-prodtest/token">https://somesp.somesp.com/saml-prodtest/token</a><o:p></o:p></p>
<p class="MsoNormal"> Destination=<a href="https://sso.it.utsa.edu/idp/profile/SAML2/Redirect/SSO">https://sso.it.utsa.edu/idp/profile/SAML2/Redirect/SSO</a><o:p></o:p></p>
<p class="MsoNormal"> ID="_d0fd17d8c3c271dd00e5" IssueInstant="2022-10-27T20:11:37.505Z"<o:p></o:p></p>
<p class="MsoNormal"> ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"<o:p></o:p></p>
<p class="MsoNormal"> Version="2.0" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"><o:p></o:p></p>
<p class="MsoNormal"> <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><a href="https://host.someissuer.com/%3c/saml:Issuer">https://host.someissuer.com/</saml:Issuer</a>><o:p></o:p></p>
<p class="MsoNormal"> <samlp:NameIDPolicy AllowCreate="true"<o:p></o:p></p>
<p class="MsoNormal"> Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"/><o:p></o:p></p>
<p class="MsoNormal"> <samlp:RequestedAuthnContext Comparison="exact" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"><o:p></o:p></p>
<p class="MsoNormal"> <saml:AuthnContextClassRef xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef><o:p></o:p></p>
<p class="MsoNormal"> </samlp:RequestedAuthnContext><o:p></o:p></p>
<p class="MsoNormal"></samlp:AuthnRequest><o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">2022-10-27 15:11:46,760 - WARN [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:277] - 123.123.123.123 - node01ac1xhe309ceqenezc35zwf2k394828 - Message Handler: Simple signature validation (with no
request-derived credentials) failed<o:p></o:p></p>
<p class="MsoNormal">2022-10-27 15:11:46,761 - WARN [org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler:214] - 123.123.123.123 - node01ac1xhe309ceqenezc35zwf2k394828 - Message Handler: Validation of request simple signature
failed for context issuer: <a href="https://host.someissuer.com/">https://host.someissuer.com/</a><o:p></o:p></p>
<p class="MsoNormal">2022-10-27 15:11:46,762 - WARN [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:202] - 123.123.123.123 - node01ac1xhe309ceqenezc35zwf2k394828 - Profile Action WebFlowMessageHandlerAdaptor: Exception handling message<o:p></o:p></p>
<p class="MsoNormal">org.opensaml.messaging.handler.MessageHandlerException: Validation of request simple signature failed for context issuer<o:p></o:p></p>
<p class="MsoNormal"> at org.opensaml.saml.common.binding.security.impl.BaseSAMLSimpleSignatureSecurityHandler.doEvaluate(BaseSAMLSimpleSignatureSecurityHandler.java:216)<o:p></o:p></p>
<p class="MsoNormal">2022-10-27 15:11:46,765 - WARN [org.opensaml.profile.action.impl.LogEvent:105] - 123.123.123.123 - node01ac1xhe309ceqenezc35zwf2k394828 - A non-proceed event occurred while processing the request: MessageAuthenticationError<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Any help diagnosing is appreciated. Thanks.<o:p></o:p></p>
</div>
</body>
</html>