I fixed the problem but not solve error. I configured SAML "Assertion" not to encrypted:Here is my SAML response after I changed configured for "Assertion:
<?xml version="1.0" encoding="UTF-8"?> <saml2p:Response Destination="http://sp-hcmut.vn:8000/auth/complete/tpa-saml/"; ID="_8c32051cf7473a6144288a45aaf8a020" InResponseTo="ONELOGIN_58eb47d5daac275d59db626f102c2624ad3f5e32" IssueInstant="2016-11-06T15:37:27.553Z" Version="2.0" xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"> <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://idp-hcmut.vn/idp/shibboleth</saml2:Issuer> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> <ds:Reference URI="#_8c32051cf7473a6144288a45aaf8a020"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> <ds:DigestValue>+zc7MUNxJF63OYLTIoZ/cZCUdxY4KZ31Lo7V7saPVTE=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue> b7vz3XQ6+pkLYtIwAw1UDhXlGsYVNrLByTLCWXEtWxymNSGo4IPPJj8T6+a8SqPAE1ouC3jBMXSc i+dZ0cN/q7jXlwpUDbXwm+aWtawKvRQ2Sn/LacbT9cp/7x8NVmyy2OIREqDJ0a5cTgzGs7igj1Sx +FUV3wIfqBb7yl5jOrgs2Q6BsIBDd853eYXQcSb+zmK1rCzy5psnQRTxS+um2bsbBOPrditf/WhC k8Hv4CAiQ+fFd5TeOe3zTOq2IdeYsU2SFWrT3f0pOCvZxvfltAh/wf59z+c8N6e8wYHKwLZzWk0V 1LG21fpI4mVEJaTr8nHC8woyVc3vmw0OU6OwQw== </ds:SignatureValue> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate>MIIDGzCCAgOgAwIBAgIUXNliKqmdG9Wif5c23KXMhWPEmtAwDQYJKoZIhvcNAQELBQAwFzEVMBMG A1UEAwwMaWRwLWhjbXV0LnZuMB4XDTE2MTEwNDE4NTA1MloXDTM2MTEwNDE4NTA1MlowFzEVMBMG A1UEAwwMaWRwLWhjbXV0LnZuMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqCGt5D6 7cEyu8iKjTROaltQ4b3BKE11LymVoPA0+3/cy6b4MSsu+HCAyn9Nj9lk2hiotY6BEMV1wJOYUM6Y s/IB0xxSiGkfde39+B7Bmsr+MJDH0R6TLmjNiKNzPoM6ypluXvjiAUAX3LBVssj77jp8oWrMheVI JMnsSWfnnx2+eTi87/pYudVmRs6/YYtmFlOUJ69WcONEZPgwQncOCzN5DRaYPaEnPW0Agsx0zPE/ C34wOWZCpo45IXchDchPbM1HfWrQqSh7u+oTTJsiP65ZeQBqLuDgYS0HkVs1y1sP/ZzNLshQnNT9 mHQiGk03VoYG5K8kLfk+9uZgXhTfiwIDAQABo18wXTAdBgNVHQ4EFgQUzvHSyKfNHADSyIpYdman RKfg5o4wPAYDVR0RBDUwM4IMaWRwLWhjbXV0LnZuhiNodHRwczovL2lkcC1oY211dC52bi9pZHAv c2hpYmJvbGV0aDANBgkqhkiG9w0BAQsFAAOCAQEAEp5Z5ERXIjB4ZS1I7TyGo8WFvwJJc50mOEzr G+V3zyiG+H13qtofoYE2PY8HH7ymqIK2KZTPiqusP433oGm++TsHRlH1MpA0X76Wg9U/T6X4n5vW 45pzw/Njb+w2xkRj6QcEjPXvLhQFv3FWsj6zqDnIT0A+REeGnGngxdYOeVxr/xm8LuZIJgU7KjEa ZU+McqEIKbirPKueHAFqSZuXwnZeK8QBLtNv/HYCxx6d1w4tjqhBozfRnDYrmSrOHoHXhU6r8TRg g1gCPi5wsFfWD/wNk6VhCd3uwfFoJszZxQka0fvMI0pXO/NUxKOksz9gyU9WYpF0u7jpWhfVGu7M 2Q==</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature> <saml2p:Status><saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></saml2p:Status> <saml2:Assertion ID="_6fdaab22b4fc1a64a6445c0fbce32f39" IssueInstant="2016-11-06T15:37:27.553Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"> <saml2:Issuer>https://idp-hcmut.vn/idp/shibboleth</saml2:Issuer> <saml2:Subject> <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" NameQualifier="https://idp-hcmut.vn/idp/shibboleth"; SPNameQualifier="http://sp-hcmut.vn:8000";>AAdzZWNyZXQxTeFn9qFZNL4dzWcS5S3kqxUQiXBjp2w1+/2xXatSNSYp5Nb0SSIYsazU4i9bn0hiH+es53fby4S+VxwZ1bV2H5x18Lqy07h+5SEOkXnGd1Bz7AXeLKBfYwKmWIUf3HI=</saml2:NameID> <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml2:SubjectConfirmationData Address="10.0.2.2" InResponseTo="ONELOGIN_58eb47d5daac275d59db626f102c2624ad3f5e32" NotOnOrAfter="2016-11-06T15:42:27.585Z" Recipient="http://sp-hcmut.vn:8000/auth/complete/tpa-saml/"/></saml2:SubjectConfirmation> </saml2:Subject> <saml2:Conditions NotBefore="2016-11-06T15:37:27.553Z" NotOnOrAfter="2016-11-06T15:42:27.553Z"> <saml2:AudienceRestriction> <saml2:Audience>http://sp-hcmut.vn:8000</saml2:Audience> </saml2:AudienceRestriction> </saml2:Conditions> <saml2:AuthnStatement AuthnInstant="2016-11-06T15:37:27.270Z" SessionIndex="_3a6136c379360b8da8e54d86054f8f66"><saml2:SubjectLocality Address="10.0.2.2"/> <saml2:AuthnContext> <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef> </saml2:AuthnContext> </saml2:AuthnStatement> <saml2:AttributeStatement> <saml2:Attribute FriendlyName="uid" Name="urn:oid:0.9.2342.19200300.100.1.1" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <saml2:AttributeValue>thetruong</saml2:AttributeValue> </saml2:Attribute> <saml2:Attribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <saml2:AttributeValue>41204...@hcmut.edu.vn</saml2:AttributeValue> </saml2:Attribute> <saml2:Attribute FriendlyName="sn" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <saml2:AttributeValue>nguyen</saml2:AttributeValue> </saml2:Attribute> <saml2:Attribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"> <saml2:AttributeValue>the truong</saml2:AttributeValue> </saml2:Attribute> </saml2:AttributeStatement> </saml2:Assertion> </saml2p:Response> Vào 18:22:16 UTC+7 Chủ Nhật, ngày 06 tháng 11 năm 2016, truong nguyen đã viết: > > Hi Braden ! > I tried yours instruction above: "SECURITY_CONFIG": { > "requestedAuthnContext": false } > It solved problem,maybe! > But has a new error! > An error occurred. > > Authentication failed: SAML login failed: ['invalid_response'] > (Invalid issuer in the Assertion/Response) > > > <https://lh3.googleusercontent.com/-kTTdFJ6ZQeE/WB8Q6C9PfrI/AAAAAAAAAHM/7vauxQpmvV4EJWYCzgHKS0ma1l8dH27KACLcB/s1600/Capture.JPG> > > > This is my SAML response: > > <?xml version="1.0" encoding="UTF-8"?> > <saml2p:Response Destination=" > http://sp-hcmut.vn:8000/auth/complete/tpa-saml/"; > ID="_134b443dce67f1b4cd4645a37b65f9e4" > InResponseTo="ONELOGIN_12252ec510136316ce950f2a33382f110989a5a9" > IssueInstant="2016-11-06T10:55:57.966Z" Version="2.0" > xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"> > <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"> > https://idp-hcmut.vn/idp/shibboleth</saml2:Issuer> > <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> > <ds:SignedInfo> > <ds:CanonicalizationMethod Algorithm=" > http://www.w3.org/2001/10/xml-exc-c14n#"/> > <ds:SignatureMethod Algorithm=" > http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> > <ds:Reference URI="#_134b443dce67f1b4cd4645a37b65f9e4"> > <ds:Transforms> > <ds:Transform Algorithm=" > http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> > <ds:Transform Algorithm=" > http://www.w3.org/2001/10/xml-exc-c14n#"/> > </ds:Transforms> > <ds:DigestMethod Algorithm=" > http://www.w3.org/2001/04/xmlenc#sha256"/> > > <ds:DigestValue>/C9k4/6oD79YVjJ2UX8TJ/BtZhwsvQhUSVTf1vJ1hhQ=</ds:DigestValue> > </ds:Reference> > </ds:SignedInfo> > <ds:SignatureValue> > > F8iyL6C+vUTrxkTAAdnyaXztmCZFqxaVkTURD7gb9cMxZlo6VuSS1eJFw7kOr1aLK3XM0qHELBKe > > CiaaKUFS+14WcBwzgJj36WzzT2dB95cQMI47xFbTJN5nP8Yk6riJE7SR4NCAnMIn4dj9HgSBmhLH > > K1D9b5zk72GRS4obOAb0Fuvz/dNFh4gOmxv4++wGdI1Bds4326VyloWJTMPgShJ4DFokLx9ldTz/ > > vNMHtWYN66OurK9Kf8Oxaqi+aj6Mdlv38YJXF1GsRHF3wQoeYmSFeESYJtY+eb+2nF6U7Z7h2lvL > fKHkjrDuF2CH2pH2fYAl0frufCgKr2JP0HB2/A== > </ds:SignatureValue> > <ds:KeyInfo> > <ds:X509Data> > > <ds:X509Certificate>MIIDGzCCAgOgAwIBAgIUXNliKqmdG9Wif5c23KXMhWPEmtAwDQYJKoZIhvcNAQELBQAwFzEVMBMG > > A1UEAwwMaWRwLWhjbXV0LnZuMB4XDTE2MTEwNDE4NTA1MloXDTM2MTEwNDE4NTA1MlowFzEVMBMG > > A1UEAwwMaWRwLWhjbXV0LnZuMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqCGt5D6 > > 7cEyu8iKjTROaltQ4b3BKE11LymVoPA0+3/cy6b4MSsu+HCAyn9Nj9lk2hiotY6BEMV1wJOYUM6Y > > s/IB0xxSiGkfde39+B7Bmsr+MJDH0R6TLmjNiKNzPoM6ypluXvjiAUAX3LBVssj77jp8oWrMheVI > > JMnsSWfnnx2+eTi87/pYudVmRs6/YYtmFlOUJ69WcONEZPgwQncOCzN5DRaYPaEnPW0Agsx0zPE/ > > C34wOWZCpo45IXchDchPbM1HfWrQqSh7u+oTTJsiP65ZeQBqLuDgYS0HkVs1y1sP/ZzNLshQnNT9 > > mHQiGk03VoYG5K8kLfk+9uZgXhTfiwIDAQABo18wXTAdBgNVHQ4EFgQUzvHSyKfNHADSyIpYdman > > RKfg5o4wPAYDVR0RBDUwM4IMaWRwLWhjbXV0LnZuhiNodHRwczovL2lkcC1oY211dC52bi9pZHAv > > c2hpYmJvbGV0aDANBgkqhkiG9w0BAQsFAAOCAQEAEp5Z5ERXIjB4ZS1I7TyGo8WFvwJJc50mOEzr > > G+V3zyiG+H13qtofoYE2PY8HH7ymqIK2KZTPiqusP433oGm++TsHRlH1MpA0X76Wg9U/T6X4n5vW > > 45pzw/Njb+w2xkRj6QcEjPXvLhQFv3FWsj6zqDnIT0A+REeGnGngxdYOeVxr/xm8LuZIJgU7KjEa > > ZU+McqEIKbirPKueHAFqSZuXwnZeK8QBLtNv/HYCxx6d1w4tjqhBozfRnDYrmSrOHoHXhU6r8TRg > > g1gCPi5wsFfWD/wNk6VhCd3uwfFoJszZxQka0fvMI0pXO/NUxKOksz9gyU9WYpF0u7jpWhfVGu7M > 2Q==</ds:X509Certificate> > </ds:X509Data> > </ds:KeyInfo> > </ds:Signature> > <saml2p:Status><saml2p:StatusCode > Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></saml2p:Status> > <saml2:EncryptedAssertion > xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"> > <xenc:EncryptedData Id="_bc6eb3862cd6b26297f3518e4fe42403" > Type="http://www.w3.org/2001/04/xmlenc#Element"; xmlns:xenc=" > http://www.w3.org/2001/04/xmlenc#";><xenc:EncryptionMethod Algorithm=" > http://www.w3.org/2001/04/xmlenc#aes128-cbc"; > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"/> > <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> > <xenc:EncryptedKey Id="_3acb09cb5c3e9ecb5f7cae320ac842ea" > Recipient="http://sp-hcmut.vn:8000"; > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";> > <xenc:EncryptionMethod Algorithm=" > http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"; > > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";><ds:DigestMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; > xmlns:ds="http://www.w3.org/2000/09/xmldsig# > "/></xenc:EncryptionMethod> > <ds:KeyInfo> > <ds:X509Data> > > <ds:X509Certificate>MIIC1jCCAj+gAwIBAgIJALbKmuXGyV3TMA0GCSqGSIb3DQEBBQUAMIGDMQswCQYDVQQGEwJWSTEM > > MAoGA1UECAwDSENNMQwwCgYDVQQHDANIQ00xDjAMBgNVBAoMBUhDTVVUMQwwCgYDVQQLDANlZHgx > > DjAMBgNVBAMMBUhDTVVUMSowKAYJKoZIhvcNAQkBFhs0MTIwNDIxOXRoZXRydW9uZ0BnbWFpbC5j > > b20wHhcNMTYxMDI3MTY0NTI1WhcNMjYxMDI3MTY0NTI1WjCBgzELMAkGA1UEBhMCVkkxDDAKBgNV > > BAgMA0hDTTEMMAoGA1UEBwwDSENNMQ4wDAYDVQQKDAVIQ01VVDEMMAoGA1UECwwDZWR4MQ4wDAYD > > VQQDDAVIQ01VVDEqMCgGCSqGSIb3DQEJARYbNDEyMDQyMTl0aGV0cnVvbmdAZ21haWwuY29tMIGf > > MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCYR53GA1rs606WaNBu1S+E7L3s5+XjhA5x5UvqzxGl > > dxhRmModYOY8pEMELaJOPiUt8XG4UvVX82z8tMgpTu2VTuZPf2n2zX8mVKWht1CsAKwhiuMvOODh > > n5NpODbVV0waX68zIgzXcSyrEV30H66NsANMTaoIia8f/+ibp5kJMQIDAQABo1AwTjAdBgNVHQ4E > > FgQUcZ99ZIb0ca+SEdxlD7phyNgthUEwHwYDVR0jBBgwFoAUcZ99ZIb0ca+SEdxlD7phyNgthUEw > > DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQB7EXsQnaxuU9LdlywNEymxjA0NLXTe1vHR > > 4py2GmeeQFSUmf4jkH9GwVDCJS8l7AhcHd4c45N1CWlYtOfiDCRf1orW91AYIXpCKreSXo7xn1Mz > > gpgVgPzJCZGdCjh5bhV8Cexyq9eSS/5O6SPRZV0kd4WacSPYaIdq9/aEGJHwsg==</ds:X509Certificate> > </ds:X509Data> > </ds:KeyInfo> > <xenc:CipherData xmlns:xenc=" > http://www.w3.org/2001/04/xmlenc#";> > > <xenc:CipherValue>e2HC9vvbqzLswQ+jCj3Xf/8cx2OxONqJ3mRF+W/Mg7Dal++7K8dK2XQ4dYWBs1UNytLRHRNskd2V > > fRgBbk+GX89DdFJ4a7lPjf+IiWC2VvbNv+SbdBuV8YkrBJnnV2Ra3gzH9CRZrmubBcx+foeeCmBh > SZkp0lLY7ppKrvXdueg=</xenc:CipherValue> > </xenc:CipherData> > </xenc:EncryptedKey> > </ds:KeyInfo> > <xenc:CipherData xmlns:xenc="http://www.w3.org/2001/04/xmlenc# > "> > > <xenc:CipherValue>72Xbw+wuG23Jvd5B0jmi75KfMv7TrYcV79ZybGkc/2wcOkX756qPE79Fc+NngvZ0+8cZiKpdk8j9 > > AO6ZA9Z/lpca3Sojxuv20mJrm2IdNxGyawGZqF5xvYvgeXHPaWiLWfWPjYPb5gBVhcGeQllycCKq > > lhChEQiwClPRh/9/hlaQsimT0DhLBvvwHaglNawuzXJtvkz6KaGHS2l6Clcl56l8/lKNYq85iofq > > XGzWMsSVLCzSkJ2iDX5zwskxaLsczEcTglEpgEK02/mUQ6qveWML7LAPOd+UB0fxKbnwYsSiu4le > > TaCFxghddP1s+oufTy2ZeUYNZ4xUd2HSRM2IT3Sslxvc4P2BJQDEjJ0wczrH+J5nFfs3nTKmggbw > > xlpUU1jX4QoQCRbtKG47ZWxmwHMYsblMq4q3dZoqWJNHLYv8UJ8jYVe2xpsk7zTWSn2RNjZKqIIr > > ZfVYRpDKukbdbq6k3U4EZP2BPvvmh5Hwpg8pbo2aD/vfata4A0VEI8Pq/V47j0oOV5y6fEGjg7rg > > eNAV4cVorNyRfDis/7FB59o93b738pqSTlvaSnqBvZk4JFUJaTbIlnyUd9ejvzpwf1z3PGIdFU1E > > viEUyLzHr/SaS1MyqJtBa8gq0nhOKtjKp9cTi2OdL7LIQmw8ECwwBZVUwXtt0VY3Tt3VxY18O14W > > qY1H45459ae9EKzJeIEEWH1nda8H+/foi3VUBMDvCqWogMnh2KbiATwtbVOEbR3+fECo1+C382fj > > 65/3TTJWXSLcPV+EHkc00qx2Q6HbLVgBBRIKgsEW4gVblzaq4KXGKun7H0DbXmviIfeB1TTjBnP+ > > lxPqiExYk2gbgOQOz1mcygkO1JsLH53Xo84ZecpgTUPXPNZb8irGPxjIv4KogTclOok4BT7o5I65 > > u4io1P8N+2k5iMqALhNJFBsnLyRV+nheQCsybY9GDGHDXnJvZ6sDfpxv0OQNmOiQGLte3WHdAR6/ > > adybbgXqToVxp7Kn6SA9i4Ve/jkcKdqqfedcGQX15fHJ2FJBXe4LpQj3QQRXOqUEPDQ/RZcN0R5j > > sJtiNFT+tbV4gMDKNXaG2nMvwFbhz03ARRPJW6i37NZf+egNdsVnCHhQtXrp5D0uFS4jRxkUEP6P > > /fWTZKgGbJarIxAPb+YnVTYV74DzMkkiDheKCNjWKvkui7Jav57ejsxbkPx6PRZ/ZuiQD3Qh5+Vq > > UCU+jR245qYdwQ5SajMFBkkzgsrz1pBAz4/xA29qIohvosV0ssMBap1Cl9htph/sLY5fNYx8zRB3 > > RIqN3hCogPFvHtb7dHZD8qeobmmKdsfI5OrzhPjrmDChYgOstlakGKzgnft609tYlR37yR8Jm9W9 > > Gn5UtpUGFgknjxRxt8mcv/nYHFvvTwbIHRBeTuA0w8J6LnZdluwzJSoXJ8EhfMHgFByh7vld5vb2 > > oydDfQbFikdU2NNDk8eUFXxyzc91zTQbyrxo/pza3EwyisWl2q4Jov9enxNaxqmyuiqDLQqGSfIc > > QIgiIxuLkESfk1Hhu4YmUyObpQ1y1vQ5JZ5IQyOH70yLpGrhDZTUPbnSoB+RgaWYJyPyrHKPSclw > > YsBe/1BXtTuKw8CKtER2w4f8isz2cucgCS1c8aSW1Re+q74fuJThPe30LlKrALx3CHEn0s4jzVHc > > fVwgY3BdD9E9709m9an7RTMMdshluIBQwI22ywtFpXKV8NRdvUNqBjUYJttS2C08Ie7uqnPmGgvY > > xheRPD2/hheUJ0ka+KFMgGmPrYNrv+S8SgJ6CbzbeHRkMq6l30zvtLZ+kE0R4vqaCuRojEQlkKCb > > jInSUUpLRy4IgIt3nmMtdFVYIQRcH56eAfE8kopbjOCIxo76NbgR0MEoaDSkbFTZI0Ldqp969DOK > > A7ZbCM2wx5lTGl4wSMk8cx/CKkYilnzSHwAvSsQPrfJ82MDwg1xhX5OzGwLJJ7YNWgsr5tv8g2I6 > > pCUjmhgaWsn1wiIV4mBRl/qL54/52PYLLrtahUbNiDaaXgk/usWQ9QmuVhWlsO8g9Blb8lHeb7JY > > wJRuNtFa1ulbAUQXVyy/7jt4Zydhrufu9CEUfi0tD8SQR5z1DUSR1Vex7rtoCS1Js3MWOt8l7OcQ > > HuMS50ZflY8GDudiUpr15xBiwkhp2xZT/LGOapezeXllkJFycRgHqRfmX7ZEl8t4T3VNmui5liWN > > rO0OI3I5qSwsl8yqKa3ZXqfxGSC0fYRocTN2GWuWepk9rpHsmL5JqHxlfPqGD1rSRJnXRRlZG2uK > > /ouw/lBaZBs9ytnk6xHy9waEnkcV4FV75mBCnwIuERNLtMPjUeMq3dZpb4ndzbAwuLztlOcrB3gC > > vRlkjo4koxXglZ5oqU+eMDL3oAUpj6kC8Uy2deI8VGrX90GcSouSzl0PhUMCPaAMXntuAijFQsdJ > > hnHDr3lCh+6U3OsfQZuCtS77xilg6PnXwgOGVjSkUMJ9YhVYIpsnFnV3Fci5UPKL7Hj0znRlQmjT > > Vo55FblrfrSgM+4+aedT5o8hgJPuV+YI/+aJFViYBUpthueUkN2WUCNu9Us8WGGbitDsSJ+JnWv/ > > GH4kVGC8n21rxe9LObSj2+8CyBGE/TtMIodx72Fr0Xhc6506dOcKFnWIgGcRXIhAxpW21d9e8a0O > > +5jiyuV/lAw7vtzrw36ULeGYuACBcZ3FMJURvh1gzTkEIJY7NBhbjXrAylOAQ9omiD9xC9u0NBXZ > > 58vDq7XrQrfIIfh2kRtPqKSrnHkpLDITng/S3LEQw406pjszm4wSHjjSGgBEwuaF+TF0wuvQxBx2 > > rLE7fRVgdBRCLUN9uVnKgVnIq8vClRvD71dVSrb2BaSNhD5oDIVGpe6BG8VKqVNM5/q0ulxBMe/s > > zsyMJbNeaz5HnrDPqst5sN84R4m3cAJiDeiJ1VR6MEUYI10PI0CUtHiI5PvBqQ/oC5tteJY+Pinr > > nMMDOVxJA4kOUIwh2lU9Qaik6tae3baH3JCVGvldBrJN/vmUI1GYe0FHXkmNgvVF2jQWrPW10c1L > > VpApbRCN8t7L2GKto+2ZAHNWffbRL0tOZYDJBvsxwlRcpwCBo94wWXcCD32rEq1OHcye/4Rj0FAy > > QWenMc7QwxiD8aOL2oPa421jHHqRIQip30SNO6jfIUrtb4k8jFVSyBLx4nBDInn0GDco/QNYlbmv > > bhOejTKrOWVTYT+e2DJ/7JyMUqEH11WxFj1rI6r0tQeoPwDM/YM=</xenc:CipherValue> > </xenc:CipherData> > </xenc:EncryptedData> > </saml2:EncryptedAssertion> > </saml2p:Response> > > I think,the reason that is" Assertion" is encrypted > (saml2:EncryptedAssertion). > Thank for your help,Braden! > > > Vào 04:37:23 UTC+7 Chủ Nhật, ngày 06 tháng 11 năm 2016, Braden MacDonald > đã viết: >> >> Hi, >> >> Please read through this past thread and try the suggestions in there: >> https://groups.google.com/d/msg/openedx-ops/d-rmACND180/ZuLbMh9SIAAJ >> >> Let us know if that helps! >> >> -- >> Braden >> @OpenCraft <http://opencraft.com/> >> >> On Sat, Nov 5, 2016 at 2:41 AM, truong nguyen <41204219...@gmail.com> >> wrote: >> >>> Hi everyone! >>> My purpose is use Shibboleth IdP v3 which installed in tomcat 8 server >>> to authenticate username/password.I have checked my IdP server ( >>> http://idp-hcmut.vn) with Testshib,it's successfull. >>> Then I intergrated my Idp server (http://idp-hcmut.vn) to Edx,also >>> successfully,I follow these instruction: >>> >>> http://edx.readthedocs.io/projects/edx-installing-configuring-and-running/en/open-release-eucalyptus.master/configuration/tpa/index.html >>> >>> *Problem* is when I login into edx (register/sign in) use my IdP >>> server,It redirected me to my edx (it's ok) but Message: >>> *An error occurred.* >>> >>> *Authentication failed: SAML login failed: ['invalid_response'] (There >>> is no AttributeStatement on the Response)* >>> >>> my edx-server is http://sp-hcmut.vn:8000. >>> >>> Please help me solve problem! >>> >>> >>> >>> <https://lh3.googleusercontent.com/-ipIhPCvtqC0/WB2pEuwiiOI/AAAAAAAAAGs/qB94fo6L30sO3SM7Xrfsy7eo8ToeblKaACLcB/s1600/IdP.JPG> >>> >>> >>> >>> >>> <https://lh3.googleusercontent.com/-Rj3Y6DTfr1g/WB2pNYf4rfI/AAAAAAAAAGw/1QnA7TO0hCIUFCrCLIs4sFfo5PtKuGHdACLcB/s1600/error.JPG> >>> >>> >>> >>> <https://lh3.googleusercontent.com/-ipIhPCvtqC0/WB2pEuwiiOI/AAAAAAAAAGs/qB94fo6L30sO3SM7Xrfsy7eo8ToeblKaACLcB/s1600/IdP.JPG> >>> >>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "General Open edX discussion" group. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/edx-code/7a914c02-402b-48ef-a15a-616cacff3472%40googlegroups.com >>> >>> <https://groups.google.com/d/msgid/edx-code/7a914c02-402b-48ef-a15a-616cacff3472%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> >> >> -- You received this message because you are subscribed to the Google Groups "General Open edX discussion" group. To view this discussion on the web visit https://groups.google.com/d/msgid/edx-code/f35f1cc6-3c83-43d6-aad3-2785678e27d1%40googlegroups.com.
