2 Replies Latest reply on Dec 5, 2012 4:12 AM by Lukasz Moren

    Cannot verify SAML2 (Shibboleth) response signature

    Lukasz Moren Newbie

      I try to build Shibboleth SP using Picketlink SPFilter v. 2.1.3. To test an implementation I use testshib.org identity provider.

      Everything works fine, however when PicketLink tries to verify signature of incoming Shibboleth response I get the following error:

       

      https://gist.github.com/3358846

       

      Is it maybe connected with: https://issues.jboss.org/browse/PLFED-284

       

      Also can you confirm that the public key that is used to verify signature on the assertion is obtained from the keystore and not from the SAML2 assertion?

       

      Thanks in advance for any help.

       

      Cheers, Lukasz