XML Agent does not recognize the message body as a SAML assertion.
We see the following error when we check the SDK debug logs:
189215 2017-09-23 12:41:15,753 [http-nio-27200-exec-10] DEBUG com.netegrity.tm.contenthelper.handler.authentication.WSSecuritySAMLAuthHandler - No confirmation method selected. Rejecting all assertions.
189215 2017-09-23 12:41:15,753 [http-nio-27200-exec-10] DEBUG com.netegrity.tm.contenthelper.handler.HandlerServiceManager - dispatch request failed.
WSS SDK
The assertion is being rejected due to a configuration issue, as the error above is due to having none of the Options under SAML Token Restrictions selected in the WSS Authentication Scheme
The following line from the SDK debug logs show which options are selected:
189215 2017-09-23 12:41:15,753 [http-nio-27200-exec-10] DEBUG com.netegrity.tm.contenthelper.handler.authentication.WSSecuritySAMLAuthHandler - hk flag: false; sv flag: false; bearer flag: false; supportingSigsRequired flag: false; timestamp flag: false; timestamp skew (sec): 30; ssl flag: false; ssl keystore flag: false; role: null
In the authentication scheme you need to select one of the SAML Token Restrictions according to your requirements to solve the issue:
Allow sender-vouches
Allow bearer
Allow holder-of-key