8:48 a.m.
Hi,
I am attempting to set up a SAML environment to better understand how
Satosa works. Here is the model of my environment: SAML Service Provider
(SP, pysaml2) <-> Satosa Proxy <-> SAML Identity Provider (IdP, pysaml2).
During the single sign-on service, after entering the username and
password, when the SAML IdP posts the AssertionConsumerService to the
Satosa Proxy, an error(satosa log attached) occurs:
'saml2.sigver.SignatureError.', the following is my satosa proxy logs:
https://pastebin.com/YsRMVzKD
I am unsure about how to resolve this issue. Could anyone provide me with
some guidance?
Any help would be greatly appreciated.
Thanks,
Sam
7:49 p.m.
Hello Sam,
it looks like the signature is indeed invalid. Was the certificate
used by the IdP to sign the Response the same as the certificate in
the metadata given to the proxy?
Please, ensure that this is the case. Note that the certificate is
extracted from the metadata consumed by the proxy and the metadata is
cached.
If for some reason you changed the certificate on the IdP without
reloading the metadata on the proxy, the operation will fail.
Cheers,
On Tue, Jun 13, 2023 at 8:48 AM sam su <ssu.ovs(a)gmail.com> wrote:
Hi,
I am attempting to set up a SAML environment to better understand how Satosa works. Here
is the model of my environment: SAML Service Provider (SP, pysaml2) <-> Satosa Proxy
<-> SAML Identity Provider (IdP, pysaml2).
During the single sign-on service, after entering the username and password, when the
SAML IdP posts the AssertionConsumerService to the Satosa Proxy, an error(satosa log
attached) occurs: 'saml2.sigver.SignatureError.', the following is my satosa proxy
logs:
https://pastebin.com/YsRMVzKD
I am unsure about how to resolve this issue. Could anyone provide me with some guidance?
Any help would be greatly appreciated.
Thanks,
Sam
_______________________________________________
Idpy-discuss mailing list -- idpy-discuss(a)lists.sunet.se
To unsubscribe send an email to idpy-discuss-leave(a)lists.sunet.se
--
Ivan c00kiemon5ter Kanakarakis >:3
5:16 a.m.
Hi Ivan,
Thank you so much!
You are correct, I didn't use the correct certificate in my idp
configuration and satosa proxy configuration.
Thanks,
Sam
On Tue, Jun 13, 2023 at 9:50 AM Ivan Kanakarakis <ivan.kanak(a)gmail.com>
wrote:
Hello Sam,
it looks like the signature is indeed invalid. Was the certificate
used by the IdP to sign the Response the same as the certificate in
the metadata given to the proxy?
Please, ensure that this is the case. Note that the certificate is
extracted from the metadata consumed by the proxy and the metadata is
cached.
If for some reason you changed the certificate on the IdP without
reloading the metadata on the proxy, the operation will fail.
Cheers,
On Tue, Jun 13, 2023 at 8:48 AM sam su <ssu.ovs(a)gmail.com> wrote:
Hi,
I am attempting to set up a SAML environment to better understand how
Satosa
works. Here is the model of my environment: SAML Service Provider
(SP, pysaml2) <-> Satosa Proxy <-> SAML Identity Provider (IdP, pysaml2).
During the single sign-on service, after entering the username and
password, when
the SAML IdP posts the AssertionConsumerService to the
Satosa Proxy, an error(satosa log attached) occurs:
'saml2.sigver.SignatureError.', the following is my satosa proxy logs:
https://pastebin.com/YsRMVzKD
I am unsure about how to resolve this issue. Could anyone provide me
with some
guidance?
Any help would be greatly appreciated.
Thanks,
Sam
_______________________________________________
Idpy-discuss mailing list -- idpy-discuss(a)lists.sunet.se
To unsubscribe send an email to idpy-discuss-leave(a)lists.sunet.se
--
Ivan c00kiemon5ter Kanakarakis >:3
556
days inactive
557
days old
2 comments
2 participants
participants (2)
-
Ivan Kanakarakis -
sam su