Signing and Encrypting SAML

Article ID: 131925

Products

STARTER PACK-7, CA Rapid App Security, CA API Gateway

Issue/Introduction

I am trying to encrypt SAML to token using the client public cert. I am currently using the Encrypt XML Element assertion with target: ${issuedSamlAssertion}. Below is the error:

msg: 20190506 15:49:03.076 WARNING 4330 Invalid target message, variable "issuedSamlAssertion": Request message source ("issuedSamlAssertion") is a context variable of the wrong type (expected=Message, actual=String).

Please find the attached policy.

Environment

Gateway 9.3

Resolution

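The Encrypt XML Element assertion expects a target of type Message, but ${issuedSamlAssertion} is a String. Set a context variable of type Message (XML) from it:

DataType: Message
Content-Type: text/xml; charset=utf-8
Expr: ${issuedSamlAssertion}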


Then use that Message context variable as the target in the “(Non-SOAP) XML Element Encryption Properties”.

In the properties, we specified the public certificate (CN=test1) as the encryption certificate.

A sample policy is attached.
 

Attachments

1558537222736revised.xml