Comments (3)
mbesset
commented on July 23, 2024
Hello,
You can add AuthnRequestsSigned="true" and WantAssertionsSigned="true" on SPSSODescriptor.
Exemple ;
<SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" AuthnRequestsSigned="true" WantAssertionsSigned="true">
from mod_auth_mellon.
rledousa
commented on July 23, 2024
HI
Thank you for the reply! I tried flipping that from true to false and I got the same error. Want to make sure I understand how it works - setting WantAssertionsSigned tells the mellon module that the IdP's assertion will not be signed, or does it tell the IdP not to sign the assertion?
from mod_auth_mellon.
thijskh
commented on July 23, 2024
The verification of the message signature is handled by the Lasso library that Mellon builds on. Lasso will verify the response signature, if it's missing, it will see if the assertion is signed and verify that. For more details I refer you to the Lasso project.
from mod_auth_mellon.
Related Issues (20)
- lasso error -407 being thrown when attempting to logout HOT 1
- Impersonation HOT 1
- Using Mellon ENV Variables in rewriterules? Looking for some guidance HOT 4
- Error processing authn response. Lasso error: [-111] Failed to verify signature., HOT 26
- When executing mellon_create_metadata.sh on Ubuntu 22 no XML file gets generated HOT 1
- Mod auth mellon is NOT checking the SAML Response signature HOT 14
- mellon_create_metadata.sh never generates metadata files with /dev/urandom HOT 3
- "Failed to verify signature" but SPSSODescriptor validation is disabled HOT 5
- mellon_create_metadata : xml file is not valid HOT 1
- Need to run autogen.sh before configure HOT 2
- MellonIdPPublicKeyFile not used depending on your lasso version
- mod_auth_mellon is not working under </Directory> with DAV on
- Support for newer versions of openss HOT 2
- Upgrading from 0.17.0 to 0.18.1 - application does not work HOT 1
- Pass AuthnContextClassRef into MELLON_ variables HOT 1
- EntitiesDescriptor - Multiple SP entityID's not working HOT 3
- General Question: mod_auth_mellon available for Windows? HOT 1
- Internal Server Error when IdP-Initiated Single Logout
- virtual host with and without Mellon HOT 2
- why my webage is circling back and forth after the integration?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from mod_auth_mellon.