Re: [Dev] How to create a signed auth request using sso module within jaggery-extensions

Wed, 01 Jun 2016 23:49:55 -0700 

On Thu, Jun 2, 2016 at 12:12 PM, Malithi Edirisinghe <malit...@wso2.com>
wrote:

>
> Hi,
>
> On Wed, Jun 1, 2016 at 9:25 PM, Udara Rathnayake <uda...@wso2.com> wrote:
>
>> Hi All,
>>
>> We have buildAuthenticationRequest[1] wrapped within our sso client js
>> module. Noticed following error after enabling sso with signature
>> validation,
>>
>> WARN
>> {org.wso2.carbon.identity.sso.saml.processors.SPInitSSOAuthnRequestProcessor}
>> -  Destination validation for Authentication Request failed. Received: [
>> *null*]. Expected one in the list: [https://localhost:9443/samlsso
>> <https://www.google.com/url?q=https%3A%2F%2Flocalhost%3A9443%2Fsamlsso&sa=D&sntz=1&usg=AFQjCNFEktbwY50oRm419Cu2qmnUw2Z_vw>
>> ]
>>
>> Seems we have to set other properties like destination etc.. within SAML
>> request inorder to support signature validation. @Darshana please confirm.
>>
>
> Yes. destination should be there [1]. Further the request should contain
> the signature also, which I do not see in the code segment being pointed.
>
​Thanks Malithi. We will fix this.​


>
> Found buildSignedAuthRequest[2] within APIM SSO hostobject which supports
>> this. Have we encounted this problem during ES/UES testing previously?
>>
>> [1]
>> https://github.com/wso2/jaggery-extensions/blob/master/sso/resources/org.jaggeryjs.modules.sso/src/main/java/org/jaggeryjs/modules/sso/common/builders/AuthReqBuilder.java#L38
>> [2]
>> https://github.com/wso2/carbon-apimgt/blob/8e5b065f3149d75e9eea3d63fe3f68b24503e6b4/components/sso-hostobject/org.wso2.carbon.hostobjects.sso/src/main/java/org/wso2/carbon/hostobjects/sso/internal/builder/AuthReqBuilder.java#L83
>>
>> --
>> Regards,
>> UdaraR
>>
>> _______________________________________________
>> Dev mailing list
>> Dev@wso2.org
>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>
>>
>
> [1]
> https://github.com/wso2-extensions/identity-inbound-auth-saml/blob/master/components/org.wso2.carbon.identity.sso.saml/src/main/java/org/wso2/carbon/identity/sso/saml/processors/SPInitSSOAuthnRequestProcessor.java#L72
>
> Thanks,
> Malithi.
> --
>
> *Malithi Edirisinghe*
> Senior Software Engineer
> WSO2 Inc.
>
> Mobile : +94 (0) 718176807
> malit...@wso2.com
>



-- 
Regards,
UdaraR

_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Reply via email to