When I clear my authenticated session at the test SP and request a new authentication, the SATOSA proxy fails on Saml2/sso/post:
[2017-03-23 14:00:01] [DEBUG]: [urn:uuid:1360174e-a648-4647-aec5-db0d027f206c] Routing path: Saml2/sso/post
[2017-03-23 14:00:01] [DEBUG]: [urn:uuid:1360174e-a648-4647-aec5-db0d027f206c] Found registered endpoint: module name:'Saml2IDP', endpoint: Saml2/sso/post
[2017-03-23 14:00:01] [ERROR]: [urn:uuid:1360174e-a648-4647-aec5-db0d027f206c] Uncaught exception
Traceback (most recent call last):
  File "/opt/satosa/py3env/lib/python3.5/site-packages/satosa/base.py", line 255, in run
    resp = self._run_bound_endpoint(context, spec)
  File "/opt/satosa/py3env/lib/python3.5/site-packages/satosa/base.py", line 203, in _run_bound_endpoint
    return spec(context)
  File "/opt/satosa/py3env/lib/python3.5/site-packages/satosa/frontends/saml2.py", line 96, in handle_authn_request
    return self._handle_authn_request(context, binding_in, self.idp)
  File "/opt/satosa/py3env/lib/python3.5/site-packages/satosa/frontends/saml2.py", line 177, in _handle_authn_request
    req_info = idp.parse_authn_request(context.request["SAMLRequest"], binding_in)
  File "/opt/satosa/py3env/lib/python3.5/site-packages/saml2/server.py", line 235, in parse_authn_request
    "single_sign_on_service", binding)
  File "/opt/satosa/py3env/lib/python3.5/site-packages/saml2/entity.py", line 854, in _parse_request
    must=must, only_valid_cert=only_valid_cert)
  File "/opt/satosa/py3env/lib/python3.5/site-packages/saml2/request.py", line 96, in loads
    only_valid_cert=only_valid_cert)
  File "/opt/satosa/py3env/lib/python3.5/site-packages/saml2/request.py", line 59, in _loads
    raise IncorrectlySigned()
saml2.response.IncorrectlySigned
[2017-03-23 14:00:01] [ERROR]: Unknown error
Traceback (most recent call last):
  File "/opt/satosa/py3env/lib/python3.5/site-packages/satosa/base.py", line 255, in run
    resp = self._run_bound_endpoint(context, spec)
  File "/opt/satosa/py3env/lib/python3.5/site-packages/satosa/base.py", line 203, in _run_bound_endpoint
    return spec(context)
  File "/opt/satosa/py3env/lib/python3.5/site-packages/satosa/frontends/saml2.py", line 96, in handle_authn_request
    return self._handle_authn_request(context, binding_in, self.idp)
  File "/opt/satosa/py3env/lib/python3.5/site-packages/satosa/frontends/saml2.py", line 177, in _handle_authn_request
    req_info = idp.parse_authn_request(context.request["SAMLRequest"], binding_in)
  File "/opt/satosa/py3env/lib/python3.5/site-packages/saml2/server.py", line 235, in parse_authn_request
    "single_sign_on_service", binding)
  File "/opt/satosa/py3env/lib/python3.5/site-packages/saml2/entity.py", line 854, in _parse_request
    must=must, only_valid_cert=only_valid_cert)
  File "/opt/satosa/py3env/lib/python3.5/site-packages/saml2/request.py", line 96, in loads
    only_valid_cert=only_valid_cert)
  File "/opt/satosa/py3env/lib/python3.5/site-packages/saml2/request.py", line 59, in _loads
    raise IncorrectlySigned()
saml2.response.IncorrectlySigned

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "/opt/satosa/py3env/lib/python3.5/site-packages/satosa/proxy_server.py", line 112, in __call__
    resp = self.run(context)
  File "/opt/satosa/py3env/lib/python3.5/site-packages/satosa/base.py", line 266, in run
    raise SATOSAUnknownError("Unknown error") from err
satosa.exception.SATOSAUnknownError: Unknown error
Attempting the authentication immediately afterwards results in a successful authentication. The next authentication fails again, and so on.