ComponentSpace

Forums



The SAML response signature failed to verify


The SAML response signature failed to verify

Author
Message
nhien
nhien
New Member
New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)

Group: Forum Members
Posts: 3, Visits: 11
1. Config PartnerIdentityProviderConfiguration
+ WantAssertionSigned = true
+ WantSAMLResponseSigned = true
+ WantAssertionEncrypted = false
+ SAMLWantLogoutResponseSigned = true
2. I created an account on portal.azure
3. Login via new account,
4. After successful login, the system will call SAMLServiceProvider.ReceiveSSO
and now the ReceiveSSO function will return the error The SAML response signature failed to verify

I missing something configured?
Or where is the problem?
if you know please just help me.
Thanks

Note: that some old accounts still work fine.

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
You're better not specifying WantAssertionSigned or WantSAMLResponseSigned and instead relying on the WantAssertionOrResponseSigned flag which defaults to true. WantAssertionOrResponseSigned requires that either the SAML response or SAML assertion is signed.

If you're using Azure AD as the IdP, note that by default it signs the SAML assertion only.

If there's still an issue, please enable SAML trace and send the generated log file as an email attachment to [email protected].

https://www.componentspace.com/Forums/17/Enabing-SAML-Trace


Regards
ComponentSpace Development
nhien
nhien
New Member
New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)

Group: Forum Members
Posts: 3, Visits: 11
ComponentSpace - 5/15/2023
You're better not specifying WantAssertionSigned or WantSAMLResponseSigned and instead relying on the WantAssertionOrResponseSigned flag which defaults to true. WantAssertionOrResponseSigned requires that either the SAML response or SAML assertion is signed.

If you're using Azure AD as the IdP, note that by default it signs the SAML assertion only.

If there's still an issue, please enable SAML trace and send the generated log file as an email attachment to [email protected].

https://www.componentspace.com/Forums/17/Enabing-SAML-Trace

sorry, but I have not found WantAssertionOrResponseSigned in PartnerIdentityProviderConfiguration.

using System.Security.Cryptography.X509Certificates;
using System.Xml;
using ComponentSpace.SAML2.Utility;

namespace ComponentSpace.SAML2.Configuration
{
  public class PartnerIdentityProviderConfiguration : PartnerProviderConfiguration
....
}
chrome-extension://bpggmmljdiliancllaapiggllnkbjocb/logo/48.png

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
It sounds like you're using an older version of the product.

If so, simply set WantSAMLResponseSigned to false and WantAssertionSigned to true.

Regards
ComponentSpace Development
nhien
nhien
New Member
New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)

Group: Forum Members
Posts: 3, Visits: 11
ComponentSpace - 5/15/2023
It sounds like you're using an older version of the product.

If so, simply set WantSAMLResponseSigned to false and WantAssertionSigned to true.

Thanks, I will try.
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
If there are still issues, please send a SAML log file to [email protected] mentioning your form post.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search