RSA Federated Identity Manager (FIM) 3.1
BEA WebLogic 8.1
IBM WebSphere 6.0
In Signing Policy, still want Auth Responses Signed
Missing Destination not handled in SAML Response
Unable to process the Response message, com.rsa.fim.exception.ProfileException: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
Stack trace in debug.log
2007-04-11 22:56:08,156, (SSOHelper.java:585), SAML20-19, , , , Unable to process the Response message, com.rsa.fim.exception.ProfileException: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1325)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1128)
at com.rsa.fim.profile.sso.SSOProfile_5wyj3w_EOImpl.processResponse(SSOProfile_5wyj3w_EOImpl.java:100)
at com.rsa.fim.servlet.sso.AssertionConsumerService.doGet(AssertionConsumerService.java:64)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1077)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:348)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:7047)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3902)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2773)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Caused by: com.rsa.fim.exception.ProfileException: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.verifySignature(ProfileHelper.java:1607)
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1320)
... 15 more
com.rsa.fim.exception.ProfileException: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1325)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1128)
at com.rsa.fim.profile.sso.SSOProfile_5wyj3w_EOImpl.processResponse(SSOProfile_5wyj3w_EOImpl.java:100)
at com.rsa.fim.servlet.sso.AssertionConsumerService.doGet(AssertionConsumerService.java:64)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1077)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:348)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:7047)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3902)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2773)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Caused by: com.rsa.fim.exception.ProfileException: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.verifySignature(ProfileHelper.java:1607)
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1320)
... 15 more
2007-04-11 22:56:08,171, (AssertionConsumerService.java:71), SAML20-19, , , , A ProfileException was encountered, com.rsa.fim.profile.sso.SSOProfileException: Exception encountered at the top-level of the profile bean: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.sso.SSOHelper.handleThrowable(SSOHelper.java:592)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1506)
at com.rsa.fim.profile.sso.SSOProfile_5wyj3w_EOImpl.processResponse(SSOProfile_5wyj3w_EOImpl.java:100)
at com.rsa.fim.servlet.sso.AssertionConsumerService.doGet(AssertionConsumerService.java:64)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1077)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:348)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:7047)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3902)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2773)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Caused by: com.rsa.fim.exception.ProfileException: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1325)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1128)
... 14 more
Caused by: com.rsa.fim.exception.ProfileException: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.verifySignature(ProfileHelper.java:1607)
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1320)
... 15 more
com.rsa.fim.profile.sso.SSOProfileException: Exception encountered at the top-level of the profile bean: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.sso.SSOHelper.handleThrowable(SSOHelper.java:592)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1506)
at com.rsa.fim.profile.sso.SSOProfile_5wyj3w_EOImpl.processResponse(SSOProfile_5wyj3w_EOImpl.java:100)
at com.rsa.fim.servlet.sso.AssertionConsumerService.doGet(AssertionConsumerService.java:64)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1077)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:348)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:7047)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3902)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2773)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Caused by: com.rsa.fim.exception.ProfileException: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1325)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1128)
... 14 more
Caused by: com.rsa.fim.exception.ProfileException: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.verifySignature(ProfileHelper.java:1607)
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1320)
... 15 more
2007-04-11 22:56:08,171, (AssertionConsumerService.java:86), SAML20-19, , , , Exiting : AssertionConsumerService.doGet() : returning void
Please contact RSA Technical Support to obtain hotfix #123.
Related Articles
RSA Identity Governance and Lifecycle 7.0.2 displays error communicating with server when saving workflows having more tha… Number of Views RSA Authentication Agent 7.2.1 for Windows cannot determine challenge group if the user submits fully qualified domain nam… Number of Views RSA Identity Governance and Lifecycle aveksaServer.log file filled with warning "Logging event having message 'Logging eve… Number of Views Cisco ACS / ASA sends two requests to Authentication Manager 8.x Number of Views Imported business descriptions are not updated correctly for groups in different applications having the same name in RSA … Number of Views
Trending Articles
RSA Authentication Manager 8.9 Release Notes (January 2026) RSA MFA Agent 2.3.6 for Microsoft Windows Installation and Administration Guide RSA-2026-07: RSA Authentication Manager Security Update for Third-Party Component Vulnerabilities Downloading RSA Authentication Manager license files or RSA Software token seed records RSA MFA Agent 2.5 for Microsoft Windows Installation and Administration Guide
