000022310 - Error: 'Invalid samlp:Response. SAMLResponse has to be digitally signed' in RSA Federated Identity Manager (FIM)

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000022310
Applies ToRSA Federated Identity Manager (FIM) 2.5
Microsoft Windows 2000 SP4
IssueError: "Invalid samlp:Response. SAMLResponse has to be digitally signed" in RSA Federated Identity Manager (FIM)
The following error appears in web browser:

Error 500 - Internal Server Error

The server encountered the following unexpected condition: Error in RSA Federated Identity Manager: Error encountered in
Relying Party servlet: com.rsa.csf.common.exceptionbase.CsfApplicationException: Error in Relying Party while processing Asserting Party response: ;
nested exception is: com.rsa.csf.techservice.saml.opensaml.SAMLException: Invalid samlp:Response. SAMLResponse has to be digitally signed
CauseThis error appears when the AP and RP are not configured properly for digital signing. In this case, the RP site requires signed responses, and the AP site was configured to not sign responses.
ResolutionTo correct this issue, reconfigure the AP and RP sites to agree on digitally signing responses.
Legacy Article IDa27877

Attachments

    Outcomes