You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am able to get ruby-saml version 1.11.0 to work as a service provider with OneLogin's IdP just fine. However, I am now trying to integrate with another IdP (Shibboleth version 3.3) and I am encountering errors on the IdP side.
Trying SSO, the Shibboleth IdP reports:
ERROR [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:75] - SPSSODescriptor for entity ID 'https://HOSTNAME/saml/metadata' indicates AuthnRequests must be signed, but inbound message was not signed.
It seems to work if encryption is disabled on the IdP. For example:
I am able to get ruby-saml version 1.11.0 to work as a service provider with OneLogin's IdP just fine. However, I am now trying to integrate with another IdP (Shibboleth version 3.3) and I am encountering errors on the IdP side.
Trying SSO, the Shibboleth IdP reports:
ERROR [org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:75] - SPSSODescriptor for entity ID 'https://HOSTNAME/saml/metadata' indicates AuthnRequests must be signed, but inbound message was not signed.
It seems to work if encryption is disabled on the IdP. For example:
However, the IdP owners would like to get this working with encryption enabled.
Our ruby-saml service provider configuration settings are as follows:
Is there something I am perhaps missing in my configuration to get this working? Any assistance you could provide would be greatly appreciated.
The text was updated successfully, but these errors were encountered: