Symantec Access Management

  • 1.  SP Initiated SSO Not working with IDP Certificate

    Posted May 10, 2021 12:42 PM
    Hello Friends,

    SP-initiated flow is not working when we enable signature processing; I am getting the below error when we access the SP URL:

    [05/05/2021][14:30:16][54825][139971143976704][18151350-26f55155-783a22a9-48a758de-0215824d-80f][SSO.java][processAssertionGeneration][Received the following response from SAML2 assertion generator: SAML2Response=NO.]
    [05/05/2021][14:30:16][54825][139971143976704][18151350-26f55155-783a22a9-48a758de-0215824d-80f][SSO.java][processAssertionGeneration][Transaction with ID: 18151350-26f55155-783a22a9-48a758de-0215824d-80f failed. Reason: FAILED_INVALID_RESPONSE_RETURNED]
    [05/05/2021][14:30:16][54825][139971143976704][18151350-26f55155-783a22a9-48a758de-0215824d-80f][SSO.java][processAssertionGeneration][Denying request due to "NO" returned from SAML2 assertion generator.]
    [05/05/2021][14:30:16][54825][139971143976704][18151350-26f55155-783a22a9-48a758de-0215824d-80f][ErrorRedirectionHandler.java][redirectToErrorPage][Sending HTTP Error 500 ]

    SP-initiated SSO is working when I disable signature processing. We don't have any SP signing certificate; we are only using the IDP signing certificate to sign the SAML Response.

    Existing applications are working with the same IDP certificate. We have been using this certificate for the last two years. When I configure a new partnership, I am facing this issue.

    I tried to restart the Policy Server, but it did not help.

    Can someone please share if you have any fix for this?

    Thanks,
    Subash.
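
    A triage helper for trace output like the log in the post above, added here as an example and not part of the original post or of the product: it rejoins terminal-wrapped lines, groups entries by transaction ID, and reports each failed transaction with its reason and the source:method trail. The field layout is inferred from the posted lines; the function names and the last sample line are constructed.

```python
import re
from collections import defaultdict

# Assumed layout (inferred from the post): [date][time][pid][tid][txn id][source][method][message]
LINE_RE = re.compile(
    r"^\[(?P<date>\d{2}/\d{2}/\d{4})\]\[(?P<time>[^\]]+)\]\[\d+\]\[\d+\]"
    r"\[(?P<txn>[^\]]*)\]\[(?P<src>[^\]]*)\]\[(?P<method>[^\]]*)\]\[(?P<msg>.*)\]\s*$")
START_RE = re.compile(r"\[\d{2}/\d{2}/\d{4}\]\[")
REASON_RE = re.compile(r"failed\. Reason: (?P<reason>[A-Z_]+)")

# First eight lines are from the post, still wrapped; the last line is constructed.
SAMPLE = """\
[05/05/2021][14:30:16][54825][139971143976704][18151350-26f55155-783a22a9-48a758de-0215824d-80f][SSO.java][processAssertionGeneration][Re
ceived the following response from SAML2 assertion generator: SAML2Response=NO.]
[05/05/2021][14:30:16][54825][139971143976704][18151350-26f55155-783a22a9-48a758de-0215824d-80f][SSO.java][processAssertionGeneration][Tr
ansaction with ID: 18151350-26f55155-783a22a9-48a758de-0215824d-80f failed. Reason: FAILED_INVALID_RESPONSE_RETURNED]
[05/05/2021][14:30:16][54825][139971143976704][18151350-26f55155-783a22a9-48a758de-0215824d-80f][SSO.java][processAssertionGeneration][De
nying request due to "NO" returned from SAML2 assertion generator.]
[05/05/2021][14:30:16][54825][139971143976704][18151350-26f55155-783a22a9-48a758de-0215824d-80f][ErrorRedirectionHandler.java][redirectTo
ErrorPage][Sending HTTP Error 500 ]
[05/05/2021][14:31:02][54825][139971143976704][constructed-txn-0001][SSO.java][processAssertionGeneration][Constructed entry with no failure.]
"""

def unwrap(raw):
    """Rejoin records split across lines (whitespace at a wrap point is dropped)."""
    records = []
    for line in (l.strip() for l in raw.splitlines() if l.strip()):
        if START_RE.match(line) or not records:
            records.append(line)
        else:
            records[-1] += line  # continuation of the previous record
    return records

def failed_transactions(raw):
    """Map transaction ID -> failure reason, timestamp and source:method trail."""
    by_txn = defaultdict(list)
    for rec in unwrap(raw):
        m = LINE_RE.match(rec)
        if m:
            by_txn[m["txn"]].append(m)
    report = {}
    for txn, entries in by_txn.items():
        for e in entries:
            hit = REASON_RE.search(e["msg"])
            if hit:
                report[txn] = {"reason": hit["reason"], "at": f'{e["date"]} {e["time"]}',
                               "trail": [f'{x["src"]}:{x["method"]}' for x in entries]}
    return report

print(failed_transactions(SAMPLE))
```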


  • 2.  RE: SP Initiated SSO Not working with IDP Certificate

    Posted May 18, 2021 06:45 AM
    Dear Subash,

    It seems to be a certificate issue, as you explained. Please ask the SP team to configure a certificate in their system and provide it to you, the IDP (a self-signed cert will also work). Or, is it possible to share your IDP certificate with the SP to configure their system with this cert? You can do this as well. Once they configure it, please select the SP cert in the Verification Certificate Alias as below and test it once:


    Best Regards