I have just change the configuration of my ASP.NET MVC serivce provider to support a different identity provider by modifying the web.config and saml.config. For a reason I cannot figure out it generates the error 'Neither the SAML assertion nor response is signed' when recieves the SAML response and it calls the SAMLServiceProvider.ReceiveSSO method from AssertionConsumerService() in my MVC site. Using SAML tracer, the incoming SAML response looks correct, so why is it generating the error. The singing values of the entry in the saml.conifg looks like this:
So under what circumstances would it generate this error - see attachement.
I suspect it is a configuration issue, but how does it match the incoming SAML response to the entry in the saml.conifg?