Skrevet af Jochen Lienhard — Gammelt datoformat: 2008 oktober 06 10:02 Hi,
now my next problem.It seems that oiosaml.java did not send a certificate with the artifact request, so the IdP can not authenticate the issuer.
09:43:18.025 INFO [org.opensaml.ws.transport.http.HttpServletRequestAdapter:129] - Wrapped HTTP servlet request did not contain a client certificate09:43:18.025 INFO [org.opensaml.ws.security.provider.ClientCertAuthRule:97] - Inbound message transport did not contain a peer credential, skipping client certificate authentication09:43:18.025 ERROR [org.opensaml.ws.security.provider.MandatoryAuthenticatedMessageRule:36] - Inbound message issuer was not authenticated.09:43:18.026 ERROR [edu.internet2.middleware.shibboleth.idp.profile.saml2.ArtifactResolution:182] - Message did not meet security requirements
How can I configure the oiosaml.java SP to send the cert with the request.
Greetings
Jochen
P.S. Hmm ... putting the certificate from the IdP in the keystore is not very comfortable.Re: Certificate in the requestSkrevet af Joakim Recht — Gammelt datoformat: 2008 oktober 13 14:18 Correct, OIOSAML does not send a client certificate on the ssl connection, only http basic auth is supported at the moment.
If you want to implement it yourself, take a look at the HttpSOAPClient class.Regards,
Joakim
Der er ingen tags at vise.
Ønsker du at skrive indlæg eller blot kommentere indlæg, skal du være oprettet som bruger og logget ind.
En ny fil vil overskrive en eksisterende fil, hvis begge filer har samme navn og samme ekstension.
- (kræver login)
Der er ikke tilknyttet tags fra andre brugere