We are testing SAML  on CAS V5.2.2

After hours everything is fine except this when shibboleth SP 2 is trying 
to get the metadata:

2018-03-06 11:25:28 INFO OpenSAML.MetadataProvider.XML : loaded XML 
resource (/var/cache/shibboleth/cas-meta.xml)
2018-03-06 11:25:28 INFO OpenSAML.Metadata : applying metadata filter 
2018-03-06 11:25:28 WARN OpenSAML.MetadataFilter.Signature : filtering out 
entity at root of instance after failed signature check: Root metadata 
element was unsigned.
2018-03-06 11:25:28 CRIT OpenSAML.Metadata.Chaining : failure initializing 
MetadataProvider: SignatureMetadataFilter unable to verify signature at 
root of metadata instance.

./xmlsectool.sh --verifySignature --inFile 
/var/cache/shibboleth/cas-meta.xml --certificate 
INFO  XMLSecTool - Reading XML document from file 
INFO  XMLSecTool - XML document parsed and is well-formed.
ERROR XMLSecTool - Signature required but XML document is not signed

So I changed the shibboleth SP setup and it works but it's not nice if I 
cans say:

        <MetadataProvider type="XML" uri="https://xx/cas/idp/metadata";
              backingFilePath="cas-meta.xml" reloadInterval="7200">
<!--            <MetadataFilter type="Signature" 
certificate="casv5-signing.crt"/> -->
Any ideas?


- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 

Reply via email to