You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am really enjoying this bundle!
There is just one thing that doesn't seem to work.
When the ADFS is configured to use SHA-256 as signing algorithm and the SP SSL certificate is signed as SHA-256, there is still an error:
Unsuccessful SAML response: urn:oasis:names:tc:SAML:2.0:status:Responder
SAML request is not signed with expected signature algorithm. SAML request is signed with signature algorithm http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 . Expected signature algorithm is http://www.w3.org/2000/09/xmldsig#rsa-sha1
This seems to be hardcoded to SHA-1 at most locations in the code. Can't find a way around this one.
Can you give me some more information about this issue?
Thanks!
The text was updated successfully, but these errors were encountered:
The error message you provided says the request was signed with SHA-256 while SHA-128 is expected. So it seems you did made a signature with SHA-256. Did you provided a wrong message?
We fixed the bug by explicitly setting the expectec encoding to SHA-1 on the federation server.
The SHA-2 never worked for us. At the moment I can't reproduce the issue due to a lack of a testing environment. It was however, an issue during assertion consuming on the SP side. There is no configurable option that detemines which encoding should be used. Maybe I've overlooked something?
I did check out the new lightsaml project, but this project has a complete changed structure, I didn't found the time to upgrade. What are the plans on supporting this package in the future? Is it recommended to upgrade to the new lightsaml as fast as possible or can we still be using this one for some time?
Hello,
I am really enjoying this bundle!
There is just one thing that doesn't seem to work.
When the ADFS is configured to use SHA-256 as signing algorithm and the SP SSL certificate is signed as SHA-256, there is still an error:
This seems to be hardcoded to SHA-1 at most locations in the code. Can't find a way around this one.
Can you give me some more information about this issue?
Thanks!
The text was updated successfully, but these errors were encountered: