Hi,

I have configured the setup to log in to the Identity Server using another Identity Server, as per the details in [1], in super tenant mode. The happy scenario according to the documentation works fine. But I have enabled some additional properties in the IDP and in the SP used for the IDP, as follows:
*Properties enabled for Federated Authenticators* - SAML2 Web SSO Configuration

1. Enabled Assertion Encryption
2. Enable Assertion Signing
3. Enable Authentication Response Signing

*Properties enabled for SP used for IDP*

1. Enabled Assertion Encryption
2. Enabled Response Signing

*Properties enabled for SP used for travelocity app*

1. Enabled Assertion Encryption
2. Enabled Response Signing

In the travelocity.properties file I have also enabled Assertion Encryption, Response signing and Assertion signing.

I have already imported the Identity Provider Public Certificate to the IDP.

When I sign in to travelocity.com I get an "Unable to decrypt the SAML Assertion" error, and the error in [2] in Tomcat.

Note that with only "assertion signing" enabled in the IDP I was able to log in successfully and no error was displayed. When I enabled Assertion Encryption this error occurred.

Why does this error occur when I enable this property as mentioned above? Any help regarding this is highly appreciated!

[1] - https://docs.wso2.com/pages/viewpage.action?title=Login%2Bto%2Bthe%2BIdentity%2BServer%2BUsing%2BAnother%2BIdentity%2BServer&spaceKey=IS510

[2] -

Oct 02, 2015 2:10:47 PM org.wso2.carbon.identity.sso.agent.SSOAgentFilter doFilter
SEVERE: An error has occurred
org.wso2.carbon.identity.sso.agent.exception.SSOAgentException: Unable to decrypt the SAML Assertion
    at org.wso2.carbon.identity.sso.agent.saml.SAML2SSOManager.processSSOResponse(SAML2SSOManager.java:254)
    at org.wso2.carbon.identity.sso.agent.saml.SAML2SSOManager.processResponse(SAML2SSOManager.java:198)
    at org.wso2.carbon.identity.sso.agent.SSOAgentFilter.doFilter(SSOAgentFilter.java:89)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:956)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:423)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1079)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:625)
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:318)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Thread.java:745)

Thanks!

--
*Nadeesha Meegoda*
Software Engineer - QA
WSO2 Inc.; http://wso2.com
lean.enterprise.middleware
email : [email protected]
mobile: +94783639540
