You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I have a case with an in house SAML Provider, where it sends a SAMLResponse with the Assertion Encrypted, and while it is decoded properly, either the Response or Assertion must be signed is still thrown. Not sure if this is a bug, or I've missed something... Any advice would be appreciated.
Here're the relevant parts of the Response to show that there is a Signature in there:
After applying Pull request 243, I can get past the either the Response or Assertion must be signed error, but now I get another one:
</samlp:Response> (now: 2020-05-29 07:07:31.962304267 +0000 UTC) cannot validate signature on Response: Expected Enveloped and C14N transforms
I took the SAMLResponse Base64 blob and validated it successfully on samltool.com. So I am really confused and beginning to hate my life and more so the in-house SAML IdP.
Here's the Transforms el: <Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></Transforms>
The text was updated successfully, but these errors were encountered:
d4z3x
changed the title
SAMLResponse with Encrypted Assertion is not detected
Response is expected to have two Transform elements (fails to validate)
May 29, 2020
Can you provide the whole SAML response, with redactions if necessary. I'd trace through this and see if either of the findChild calls match against where your signature is in the response.
I have a case with an in house SAML Provider, where it sends a SAMLResponse with the Assertion Encrypted, and while it is decoded properly,
either the Response or Assertion must be signed
is still thrown. Not sure if this is a bug, or I've missed something... Any advice would be appreciated.Here're the relevant parts of the Response to show that there is a Signature in there:
After applying Pull request 243, I can get past the
either the Response or Assertion must be signed
error, but now I get another one:</samlp:Response> (now: 2020-05-29 07:07:31.962304267 +0000 UTC) cannot validate signature on Response: Expected Enveloped and C14N transforms
I took the SAMLResponse Base64 blob and validated it successfully on samltool.com. So I am really confused and beginning to hate my life and more so the in-house SAML IdP.
Here's the Transforms el:
<Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></Transforms>
The text was updated successfully, but these errors were encountered: