FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login
    1. Home
    2. ajbily
    A
    • Profile
    • Following 0
    • Followers 0
    • Topics 1
    • Posts 1
    • Best 0
    • Controversial 0
    • Groups 0

    ajbily

    @ajbily

    0
    Reputation
    1
    Profile views
    1
    Posts
    0
    Followers
    0
    Following
    Joined Last Online
    ajbily Unfollow Follow

    Latest posts made by ajbily

    • creating FusingAuth "Application" with SAML 2.0 conneciton - get error "invalid AssertionConsumerServiceURL"

      Hello,

      My service provider works fine with many other SSO providers, but errors with FusionAuth.

      I can see the (SAML SP Initiated) request is going to FusionAuth, but FusionAuth is returning back with this response: The AuthnRequest contained an invalid AssertionConsumerServiceURL

      Can you tell me how to figure out what FusionAuth doesn't like? (like said, works fine with many other SAML SSO Idp's)

      <?xml version="1.0" encoding="UTF-8" standalone="no"?>
      <ns3:Response xmlns:ns3="urn:oasis:names:tc:SAML:2.0:protocol" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" xmlns:ns4="http://www.w3.org/2001/04/xmlenc#" Destination="https://platformqa.xxxxxx.com/Saml/AssertionConsumer" ID="_5fa02b8c-2d8f-4d50-9d50-1d000032e081">
      <Issuer/>
      <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
      <SignedInfo>
      <CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
      <SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
      <Reference URI="#_5fa02b8c-2d8f-4d50-9d50-1d000032e081">
      <Transforms>
      <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
      <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
      </Transforms>
      <DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
      <DigestValue>V6r7cdZvQUFj6RKP65sFB4CbB3xBJ59eQPvgB0nwIBY=</DigestValue>
      </Reference>
      </SignedInfo>
      <SignatureValue>XDAzUJVpA63kME8Mfy3V2OK79gfxCgTo5sqc1Gw3Z77i7ysh6g3g5GidbU/fu4xWn6SbPuSuxZTM1fjupeaknqocJsvSba7rHOBUmL43JYQR8/a2IrtuW18gRrX3gdnudSVX6ugoovJQw1ix+lB5I18tpUiNOLaCEzBg7Tl7RlcP4iEwbPnGV5JqyrPjBqE32i5BTfPMLnmL1QvUQE1kl4eWDXc/CvFtjhJheYymIE4aipOCzC7dyunL7BwZ3Bvf1B/xJljDER0aUqn9BGZT8cIcTcO85xxTWf/Z5NfMcFmHgvVY0LlKJqMH8h94V5hjrzHuQ6FQCt+Icr+CwyX01A==</SignatureValue>
      <KeyInfo>
      <X509Data>
      <X509Certificate>MIICzDCCAbSgAwIBAQIQPFwUzvRxR1e2MjvPwnbYnDANBgkqhkiG9w0BAQsFADAiMSAwHgYDVQQDExdncmJpbmNkZXYuZnVzaW9uYXV0aC5pbzAeFw0yNDA3MjUxOTAyMjZaFw0zNDA3MjUxOTAyMjZaMCIxIDAeBgNVBAMTF2dyYmluY2Rldi5mdXNpb25hdXRoLmlvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5WuRr+f1dDA0b63IUqMyRapijzdCNaMXZSmgcuDM5CFvY10IWLikTekhjrW/E1wjCE0srolnbOfnvtRGLNJaDbP8hl0vC2xMYBJbFWSQC6Fdsz5MRVKv4xFoa8HiEbx1iTkkbrQoRSLcR1TIGBV2OxPcBL8N7Zw4SQnhlfZdGF+nujVVfP7fk7gKu5/n+O77Ep8Vm3nVxM32xmflquiV7+X8HWARpy3q/n1ex7wiuBsgptMPQ/ByVT+87yGX1sS0zK06SksAbYhm6EfajV4uPWUcUDuKee6hSlzolKNRUnNfgRhvwLnNNTRyq89RESRXoduMiJXNzuQ7pRynTgG8QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCWYBwSuNUnRrMNGDcCcp/AtUoegSq5q6cHtYEO8kyqEEt3CvJRgx9wplBGTteZ38FZ5KcAegGn4tNAs6OD8aoS5h/5dvZuJ+ZXxu+jqaNGd7vOKavZG1XQeGAP0DPP5iCUo73OV2iaA4FpzkX6bRipVIBD+NDaXVfTkac4yHDtz0FTRMpPMMxk1I/08s+1KuunKato8w3SY6flOhuVwciShetUn39X0RLsRlQwwpYQFgxBfi9VJtoKZ1xOMwkB9bzxsXGpi6CrQMGDro4ndsfN1WERW9LSYR+ZDCkweW3YkXgMLwefE3Vyj7ZS256EmYMzr221XHX5ynQTKMjvf4S4</X509Certificate>
      </X509Data>
      </KeyInfo>
      </Signature>
      ns3:Status
      <ns3:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Requester"/>
      ns3:StatusMessageThe AuthnRequest contained an invalid AssertionConsumerServiceURL [https://platformqa.xxxxxx.com/Saml/AssertionConsumer?binding=urn%3Aoasis%3Anames%3Atc%3ASAML%3A2.0%3Abindings%3AHTTP-POST]</ns3:StatusMessage>
      </ns3:Status>
      </ns3:Response>

      posted in General Discussion
      A
      ajbily