Login to the Identity Server Using Another Identity Server - SAML2

1
votes

I'm currently working with WSO2 suite and I've been trying to do an example from wso2 official documentation server, that you can find here. I already configure everything step by step and when i run travelocity application in my localhost it looks like the example says, i click in the link and it redirects me to Identity Server login. I type in user and password, and then it redirects me to travelocity home page, but then i run into this error: SAML 2.0 based Single Sign-On Error when processing the authentication request!

I check out the debuging log and it says that authentication succeeded and Identity Server sent the response to travelocity.

I have no idea what could be happening, please help me out.

I shared the log files here. My English is bad and i'm new working with WSO2, please be patient with me.

1
wso2saml-2.0wso2is
can you share the configurations of the two identity server SPs and travelocity.com? In particular, can you check whether the travelocity.properties options, SAML2.EnableResponseSigning / SAML2.EnableAssertionSigning / SAML2.EnableAssertionEncryption / SAML2.EnableRequestSigning match that of the first IS (IS that has travelocity registered as an SP), myfarasath
Can you attach wso2carbon.log and tomcat catalina.log files?Isura Dilhara Karunaratne

1 Answers

0
votes

The logs at WSO2 IS side says Signature validation for Authentication Request failed. The possible reason could be that you have not selected the correct certificate alias at WSO2 IS.

To do that, edit your service provider's SAML configuration and update the Certificate Alias with the correct value. In default case it should have the value wso2carbon. In case you have configured it to something else, select the one you have configured.