2 Replies Latest reply on Dec 5, 2012 4:12 AM by Lukasz Moren

    Cannot verify SAML2 (Shibboleth) response signature

    Lukasz Moren Newbie

      I try to build Shibboleth SP using Picketlink SPFilter v. 2.1.3. To test an implementation I use testshib.org identity provider.

      Everything works fine, however when PicketLink tries to verify signature of incoming Shibboleth response I get the following error:




      Is it maybe connected with: https://issues.jboss.org/browse/PLFED-284


      Also can you confirm that the public key that is used to verify signature on the assertion is obtained from the keystore and not from the SAML2 assertion?


      Thanks in advance for any help.


      Cheers, Lukasz