https://stackoverflow.com/questions/23166041
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianFound that this is an issue with the Decrypter. Problem was decrypted Assertion wasn't properly rooted. By calling setRootInNewDocument(true) of the Decrypter before the decryption, you can have properly rooted Assertion. So Signature validation will succeed.
Opensaml Assertion Signature validation failed for decrypted Assertion
-
06-07-2023 - |
Question
I have decrypted a SAML assertion using Opensaml. Although decryption happens without a error, when I tried to validate the Signature of that Assertion it fails with the error
"org.apache.xml.security.signature.MissingResourceFailureException: The Reference for URI #eimakmeiiebhiefoopoogamnnbibdpkfloophhdd has no XMLSignatureInput"
(For the same configuration if I didn't use encryption, signature validation happens fine)
Solution
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
