RSA Federated Identity Manager (FIM) 3.1
BEA WebLogic 8.1
IBM WebSphere 6.0
In Signing Policy, still want Auth Responses Signed
Missing Destination not handled in SAML Response
Unable to process the Response message, com.rsa.fim.exception.ProfileException: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
Stack trace in debug.log
2007-04-11 22:56:08,156, (SSOHelper.java:585), SAML20-19, , , , Unable to process the Response message, com.rsa.fim.exception.ProfileException: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1325)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1128)
at com.rsa.fim.profile.sso.SSOProfile_5wyj3w_EOImpl.processResponse(SSOProfile_5wyj3w_EOImpl.java:100)
at com.rsa.fim.servlet.sso.AssertionConsumerService.doGet(AssertionConsumerService.java:64)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1077)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:348)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:7047)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3902)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2773)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Caused by: com.rsa.fim.exception.ProfileException: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.verifySignature(ProfileHelper.java:1607)
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1320)
... 15 more
com.rsa.fim.exception.ProfileException: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1325)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1128)
at com.rsa.fim.profile.sso.SSOProfile_5wyj3w_EOImpl.processResponse(SSOProfile_5wyj3w_EOImpl.java:100)
at com.rsa.fim.servlet.sso.AssertionConsumerService.doGet(AssertionConsumerService.java:64)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1077)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:348)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:7047)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3902)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2773)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Caused by: com.rsa.fim.exception.ProfileException: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.verifySignature(ProfileHelper.java:1607)
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1320)
... 15 more
2007-04-11 22:56:08,171, (AssertionConsumerService.java:71), SAML20-19, , , , A ProfileException was encountered, com.rsa.fim.profile.sso.SSOProfileException: Exception encountered at the top-level of the profile bean: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.sso.SSOHelper.handleThrowable(SSOHelper.java:592)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1506)
at com.rsa.fim.profile.sso.SSOProfile_5wyj3w_EOImpl.processResponse(SSOProfile_5wyj3w_EOImpl.java:100)
at com.rsa.fim.servlet.sso.AssertionConsumerService.doGet(AssertionConsumerService.java:64)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1077)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:348)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:7047)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3902)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2773)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Caused by: com.rsa.fim.exception.ProfileException: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1325)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1128)
... 14 more
Caused by: com.rsa.fim.exception.ProfileException: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.verifySignature(ProfileHelper.java:1607)
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1320)
... 15 more
com.rsa.fim.profile.sso.SSOProfileException: Exception encountered at the top-level of the profile bean: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.sso.SSOHelper.handleThrowable(SSOHelper.java:592)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1506)
at com.rsa.fim.profile.sso.SSOProfile_5wyj3w_EOImpl.processResponse(SSOProfile_5wyj3w_EOImpl.java:100)
at com.rsa.fim.servlet.sso.AssertionConsumerService.doGet(AssertionConsumerService.java:64)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1077)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:348)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:7047)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3902)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2773)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Caused by: com.rsa.fim.exception.ProfileException: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1325)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1128)
... 14 more
Caused by: com.rsa.fim.exception.ProfileException: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.verifySignature(ProfileHelper.java:1607)
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1320)
... 15 more
2007-04-11 22:56:08,171, (AssertionConsumerService.java:86), SAML20-19, , , , Exiting : AssertionConsumerService.doGet() : returning void
Please contact RSA Technical Support to obtain hotfix #123.
Related Articles
How to Start/Stop/Access Oracle Enterprise Manager (OEM) in RSA Governance & Lifecycle Number of Views New PIN Mode and Next Tokencode Mode not working from the web pages using RSA Authentication Agent for Web for Apache on R… Number of Views RSA Authentication Agent 7.2.1 for Windows cannot determine challenge group if the user submits fully qualified domain nam… Number of Views Move RSA Authentication Manager 8.1 users from the internal database to an external identity source along with their group… Number of Views Cisco ACS / ASA sends two requests to Authentication Manager 8.x Number of Views
Trending Articles
Quick Setup Guide - Passwordless Authentication in Windows MFA Agent for Active Directory RSA Authentication Manager 8.9 Release Notes (January 2026) Artifacts to gather in RSA Identity Governance & Lifecycle RSA Governance & Lifecycle 8.0.0 Administrators Guide RSA Governance & Lifecycle 8.0.0 Installation Guide
