Spectrum SAML Integration failing due to SAML Response is not trusted
search cancel

Spectrum SAML Integration failing due to SAML Response is not trusted

book

Article ID: 406352

calendar_today

Updated On:

Products

Network Observability Spectrum

Issue/Introduction

catalina.out shows the following prints

[https-jsse-nio-8443-exec-2] DEBUG org.apache.cxf.fediz.core.samlsso.SAMLProtocolResponseValidator - Issuer 'null' not validated in keystore '/spectrum/custom/keystore/cacerts'
[https-jsse-nio-8443-exec-2] WARN  org.apache.cxf.fediz.core.samlsso.SAMLProtocolResponseValidator - SAML Response is not trusted
[https-jsse-nio-8443-exec-2] DEBUG org.apache.cxf.fediz.core.processor.SAMLProcessorImpl - The security token could not be authenticated or authorized

Resolution

Import idp cert into OneClick keystore
 
./keytool -importcert -keystore /<SPECROOT/custom/keystore/cacerts -storepass changeit -alias idp -file /pathtoidpcert/cert.txt
 
Restart Tomcat
Powered by Wolken Software