首页 文章

身份提供者的响应无效

提问于
浏览
1

saml20.implementation.SAMLFeedbackException: The response from the identity provider is not valid.

尝试使用WSO2 5.4.1 Identity Server配置SAML2.0

Here is the Metadata file from WSO2 IS.

<?xml version="1.0" encoding="UTF-8"?><EntityDescriptor 
xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="localhost">
<IDPSSODescriptor 
protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" 
validUntil="2018-02-28T06:02:51.018Z"><KeyDescriptor use="signing"><KeyInfo 
xmlns="http://www.w3.org/2000/09/xmldsig#"><X509Data>
<X509Certificate> 
MIIDSTCCAjGgAwIBAgIEAoLQ/TANBgkqhki....WCCq4ZuXl6wVsUz1iE61suO5yWi8=
</X509Certificate></X509Data></KeyInfo></KeyDescriptor><SingleLogoutService 
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" 
Location="https://localhost:9443/samlsso" 
ResponseLocation="https://localhost:9443/samlsso"/>
<NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-
format:unspecified</NameIDFormat><SingleSignOnService 
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 
Location="https://localhost:9443/samlsso"/><SingleSignOnService 
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" 
Location="https://localhost:9443/samlsso"/></IDPSSODescriptor>
</EntityDescriptor>

Below file is SP generated from SAML

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<md:EntityDescriptor entityID="http://localhost:7337/" 
xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
<md:SPSSODescriptor 
protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>
MIIDNjCCAh6gAwIBAgI....7YzPhQmQo7pVpn1YLvlNk
IJyZ9RkmZyI+h6ayztkOgc+scflN/j2fdDOufg==</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-
Redirect" Location="http://localhost:7337/SSO/logout"/>
<md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-
POST" Location="http://localhost:7337/SSO/logout"/>
<md:AssertionConsumerService 
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 
Location="http://localhost:7337/SSO/assertion" index="1"/>
<md:AssertionConsumerService 
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" 
Location="http://localhost:7337/SSO/assertion" index="2"/>
</md:SPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="en">NNN</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="en">NNN</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="en">www.xyz.com</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="administrative">
<md:GivenName>Test</md:GivenName>
<md:SurName>K</md:SurName>
<md:EmailAddress>test.k@gmail.com</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>

当我运行应用程序时,它将我重定向到wso2登录页面 . 在提供用户名和密码后点击“登录”按钮我收到此错误 .

saml-2.0 wso2is

1 回答

  • 0

    最后,经过多次努力和正常工作,我得到了它 .

    我在SAML2 Web SSO配置下缺少要检查的复选框,请参见下图

    enter image description here

    回复于

相关问题