Errors with signatures - How to DEBUG

[Francisco Almeida]

Hi,

I am having problems with the signature of SAML packet with IdP. I've added some custom extensions (see attachement).

I get this error:

Caused by: sspmod_saml_Error: Requester/RequestDenied: urn:oasis:names:tc:SAML:2.0:status:RequestDenied (Invalid SAML Request)

From the IdP side they say that de XML request is well constructed and well formed, but they say that the problem is with the signature.

Could anyone suggest any good way to debug this problem? 

Regards,

Francisco

[Jaime Perez Crespo]

Olá Francisco,

I would first try to verify the signature myself. Have you tried using xmlsectool for that?

https://wiki.shibboleth.net/confluence/display/SHIB2/XmlSecTool

In any case, I have to say the error message doesn’t appear to be related at all to the signature. Could it be that they don’t have your metadata registered, and they are rejecting your request because of that?

--
Jaime Pérez
UNINETT / Feide
mail: jaime...@uninett.no
xmpp: ja...@jabber.uninett.no

"Two roads diverged in a wood, and I, I took the one less traveled by, and that has made all the difference."
- Robert Frost

[Fernando Brandão]

Viva Francisco,

Estou com o mesmo problema na assinatura do pedido SAML.

Estou a usar a biblioteca xmlseclibs mas não consigo efetuar corretamente o pedido.

Verifiquei que já resolveste o problema. Pode dizer-me qual era o problema?

Desde já agradeço a resposta.

Brandão

[Jaime Perez Crespo]

Hi Fernando,

This is an english-speaking mailing list, and as such, we would like everybody to stick to english to avoid excluding anybody.

--

Jaime

--
You received this message because you are subscribed to the Google Groups "SimpleSAMLphp" group.
To unsubscribe from this group and stop receiving emails from it, send an email to simplesamlph...@googlegroups.com.
To post to this group, send email to simple...@googlegroups.com.
Visit this group at https://groups.google.com/group/simplesamlphp.
For more options, visit https://groups.google.com/d/optout.