SAML: The assertion is not signed correctly

0
Hi,

For one of our customers we added the SAML module (v 1.9.2) for SSO. This works perfectly in acceptance, but for some reason it does not in production. The following error is found in the logs:

org.opensaml.xml.validation.ValidationException: The assertion is not signed correctly

We triple-checked the configuration on the Mendix side and had our partner (who handles the ADFS part) do the same. Everything is configured identically...

Things we tried Mendix side:

- Disable using custom id (Mendix URL instead of custom URL).
- Resetting encryption keystore.
- Editing alias (for some reason).
- Removing the IdP configuration and setting up a new one.

The "assertion is not signed correctly" seems to be an error that hardly ever pops up (try Googling it, at max you'll have 2/3 pages of hits). I'm hoping that there's a guru around here that knows exactly what we might be overlooking or what we can try in order to pinpoint the cause.

Thanks,
Dennis Homberg
asked
3 answers
0

Have you tried validating the assertion using a validation tool (https://www.samltool.com/validate_response.php for instance)? What happened?

answered
0

Hmm, my gut feeling would be to double check the certificates on the other side. See for instance this post:

https://jefferyland.wordpress.com/2013/03/20/sharepoint-2013-mystery-error-id4220-the-saml-assertion-is-either-not-signed/

Regards,

Ronald

answered
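
One way to run the certificate check suggested in the answer above, as an added example that is not part of the original thread or of the Mendix SAML module: compare the certificate embedded in a captured SAML response with the signing certificates in the IdP metadata imported on the service provider side. All function names and the sample XML are constructed for illustration, and the placeholder certificate bytes are not real X.509.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET  # for untrusted XML, prefer a hardened parser

DS = "{http://www.w3.org/2000/09/xmldsig#}"
MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"

def fingerprint(b64_text):
    """SHA-256 over the decoded bytes of a ds:X509Certificate element."""
    der = base64.b64decode("".join(b64_text.split()))  # drop line breaks first
    return hashlib.sha256(der).hexdigest()

def response_cert_fingerprints(response_xml):
    """Fingerprints of every certificate embedded in a ds:Signature of the response."""
    root = ET.fromstring(response_xml)
    return {fingerprint(c.text) for sig in root.iter(DS + "Signature")
            for c in sig.iter(DS + "X509Certificate") if c.text}

def metadata_signing_fingerprints(metadata_xml):
    """Fingerprints of KeyDescriptors usable for signing (use absent or 'signing')."""
    found = set()
    for kd in ET.fromstring(metadata_xml).iter(MD + "KeyDescriptor"):
        if kd.get("use", "signing") == "signing":
            found |= {fingerprint(c.text)
                      for c in kd.iter(DS + "X509Certificate") if c.text}
    return found

def unknown_signing_certs(response_xml, metadata_xml):
    """Certificates the IdP signed with that the imported metadata does not list.
    This compares certificates only; it does not verify the XML signature."""
    return (response_cert_fingerprints(response_xml)
            - metadata_signing_fingerprints(metadata_xml))

# Constructed sample data: placeholder bytes standing in for two certificates.
OLD = base64.b64encode(b"constructed-old-token-signing-cert").decode()
NEW = base64.b64encode(b"constructed-new-token-signing-cert").decode()

def keyinfo(cert_b64):
    return ('<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:X509Data>'
            '<ds:X509Certificate>%s</ds:X509Certificate></ds:X509Data></ds:KeyInfo>' % cert_b64)

def sample_response(cert_b64):
    return ('<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">'
            '<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">%s'
            '</ds:Signature></samlp:Response>' % keyinfo(cert_b64))

def sample_metadata(cert_b64, use="signing"):
    return ('<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"><IDPSSODescriptor>'
            '<KeyDescriptor use="%s">%s</KeyDescriptor></IDPSSODescriptor></EntityDescriptor>'
            % (use, keyinfo(cert_b64)))
```

A non-empty result from `unknown_signing_certs` means the response was signed with a certificate the service provider has not imported, which is one cause of a signature validation failure worth ruling out per environment.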
0

Did you manage to resolve the problem? What was the root cause? We started seeing identical issues after the weekend. The application was running in production perfectly fine for a couple of weeks. Running 7.23.7

answered