'The signature verification failed' error


V.R Gnanaprakash

Oct 14, 2020, 1:25:53 AM
to Pac4j users mailing list
Hi,

  We have implemented a Pac4j SAML client using the pac4j-saml library, version 2.2.0. The single sign-on capability was working fine with the ADFS and OKTA identity providers.

 Recently we implemented an enhancement in our application to store and retrieve secrets from Azure Key Vault. The SAML request of SP-initiated SSO started failing in ADFS with the error below.

Exception details:

  System.Security.Cryptography.CryptographicException: ID6013: The signature verification failed.

   at Microsoft.IdentityModel.Protocols.XmlSignature.SignedXml.VerifySignature(HashAlgorithm hash, AsymmetricSignatureDeformatter deformatter, String signatureMethod)

   at Microsoft.IdentityModel.Protocols.XmlSignature.SignedXml.StartSignatureVerification(SecurityKey verificationKey)

  
The libraries added to the application as part of the AKV implementation are as follows.
accessors-smart-1.2.jar
gson-2.8.6.jar
json-smart-2.3.jar
msal4j-1.4.0.jar
oauth2-oidc-sdk-6.14.jar

Please guide us on what is causing the signature in the SAML request to be malformed and not validated.

Regards,
GP
