Comments (5)
I'm betting that error is why it doesn't hit persister ever. It validates the signature on the metadata document before persisting. That seems like a red-herring though and not like it'd be your actual issue. The persister is more about a between-request memoization and shouldn't actually affect things like this.
I don't see "Issuer cannot be verified" anywhere in the code, so it sounds like the client is disagreeing with the IDP in terms of credentials or signing.
from saml_idp.
@jphenow thank you! Ok so I should look into the certificate exchange and signing. When using a public cert is there a way to null out the secret_key? config.secret_key = nil
caused an error when i tried it. Reason I ask is I am trying to get down to bare minimum cert requirements and then build up from there.
from saml_idp.
Interesting - we should possibly allow that to be nil'd, but you could try an empty string
from saml_idp.
@jphenow I agree that this must be an issue on the SP side of things. Closing this issue and thank you for the feedback!
from saml_idp.
Anytime! Good luck :)
from saml_idp.
Related Issues (20)
- move to travis .com HOT 2
- Certificate provided in IDP Metadata does not have Key Usage with digitalSignature field HOT 2
- Specifying encryption details in /saml/metadata
- SLO appears to be incomplete HOT 2
- Question on configuring SP HOT 2
- SamlIdp::IdpController is not works for many cases HOT 1
- undefined method `acs_url' for nil:NilClass HOT 6
- To use SP metadata information for IdP configuration. HOT 1
- Is this used in production? HOT 1
- Fixe typo of example SamlIdpController HOT 2
- 'Signature is invalid' error when logging out HOT 3
- Validate Signature for the SP by default HOT 2
- Unclear meaning of attribute "validate_signature" HOT 2
- Tried building with gem but failed, started writing a custom builder HOT 2
- IdP seems to be encoding the callback url's query string in a weird way HOT 2
- SLO Request without x509 certificate element HOT 1
- undefined method `signed_message=' for #<SamlIdp::Configurator:0x00007f9b1e8ee4f8 HOT 2
- Update rails docs HOT 2
- NoMethodError in SamlIdpController#create HOT 4
- 403 error with SLO request HOT 4
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from saml_idp.