Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Feb 23, 2021 4:09:58 AM
Jun 23, 2018 5:16:57 AM
When trying to authenticate with SAML, Error 400 Bad request is displayed in the browser.
When looking into the Qlik Sense Proxy (Trace/Audit_proxy) the following WARN message: SAML assertion was not signed properly with any of the certificates provided in the IdP metadata
Looking at the SAML response and at the IDP metadata, we can, however, see that the same certificate is used for signing.
Environments:
This has been resolved in the February 2020 release.
Caused by QLIK-89285.
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml xs xsi" /> </ds:Transforms>
<ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI="#_1e1ed6a7c84fb5787ff829b0ba7a23b4"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> </ds:Transforms>
<ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI="#_1e1ed6a7c84fb5787ff829b0ba7a23b4"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="ds saml xs xsi" /> </ds:Transforms>