By kuroczyd - 2/15/2022
I am trying to understand why I get the error "Failed to verify signature on HTTP redirect message" when a user tries to logout from an SSO session. It is not the first time I am using ComponentSpace SAML2 : we have a dozen of customers using the component and the login works well for them. I suppose that there is something in the customer settings, certificate.... Can you advise what to look at and check ? Thanks a lot
Stack Trace:
[SAMLSignatureException: Failed to verify signature on HTTP redirect message.] ComponentSpace.SAML2.Bindings.HTTPRedirectBinding.CheckSignature(String redirectURL, String encodedSignature, String messageQueryName, AsymmetricAlgorithm key, String signatureAlgorithm) +459 ComponentSpace.SAML2.Bindings.HTTPRedirectBinding.VerifyResponseSignature(HttpRequestBase httpRequest, String signatureAlgorithm, String signature, AsymmetricAlgorithm key) +95 ComponentSpace.SAML2.Bindings.HTTPRedirectBinding.ReceiveMessage(HttpRequestBase httpRequest, XmlElement& samlMessage, String& relayState, Boolean& isRequest, Boolean& signed, AsymmetricAlgorithm key) +259 ComponentSpace.SAML2.Profiles.SingleLogout.SingleLogoutService.ReceiveLogoutMessageByHTTPRedirect(HttpRequestBase httpRequest, XmlElement& logoutMessage, String& relayState, Boolean& isRequest, Boolean& signed, AsymmetricAlgorithm key) +73 ... |
|