I tried another test.
I test pysaml2 IDP against
https://samltest.id site.
And following error was reported:
opensaml::FatalProfileException at (
https://samltest.id/Shibboleth.sso/SAML2/POST)
Unable to establish security of incoming assertion.
In SP log following error line are showed:
2020-03-21 13:01:09 WARN Shibboleth.SSO.SAML2 [3878] [default]: detected a
problem with assertion: Unable to establish security of incoming assertion.
2020-03-21 13:01:09 WARN Shibboleth.SSO.SAML2 [3878] [default]: error
processing incoming assertion: Unable to establish security of incoming
assertion.
That confirm to me, some configuration is wrong.
El sáb., 21 mar. 2020 a las 0:18, Gustavo Duarte (<gus.duarte at gmail.com>)
escribió:
Sorry if this ml isn’t right place, but what I don’t understand is that
the
federated domain and idp certificates is the same. I take special
attention on that.
I would like to know how to debug this.
Thanks Giuseppe
El El vie, 20 de mar. de 2020 a la(s) 22:43, Giuseppe De Marco <
giuseppe.demarco at unical.it> escribió:
>
> Hi Gustavo,
>
> I don't know if this Is the right ml for this, btw I think that you
should
use a powershell prompt to set/update/register your new certificates.
>
> Many docs and articles on the web show how to do this
>
> Regards
>
> Il sab 21 mar 2020, 01:23 Gustavo Duarte <gus.duarte at gmail.com> ha
scritto:
>>
>> Hi all,
>>
>> I configured a federated domain in my Azure AD tennant to be
>> authenticated against an IDP based on pysaml IDP sample.
>>
>> When I try logging in
https://portal.azure.com with an
>> user at
myfedereteddoaim.com, following error happens:
>>
>> AADSTS50008: Unable to verify token signature. The signing key
>> identifier does not match any valid registered keys.
>>
>> Any suggestions?
>>
>> Thanks in advance.
>>
>> Regards.
>>
>> _______________________________________________
>> Satosa-dev mailing list
>> Satosa-dev at lists.sunet.se
>>
https://lists.sunet.se/listinfo/satosa-dev