[midPoint] SAML SP Signingkey to support request signing
Yakov Revyakin
yrevyakin at gmail.com
Mon Mar 6 17:47:43 CET 2023
Hi all,
For followers who want to start with Midpoint SP keys, for example if you'd
like to support SAML logout request I have an advice:
Don't start with <activeSimpleKey>. Instead of this consume
<activeKeyStoreKey>. This will significantly save your time.
If, after that, you'd like to continue with activeSimpleKey setup
java-debuger to be able to see what really happens during processing of
provided key and certificate. Midpoint log by default doesn't show roots of
cause and types something like "Couldn't find filters" or "Failed to
resolve any signing credential" when actually there is a problem with
bouncycastle ssl provider and parameters of private key.
SamlModuleWebSecurityConfiguration.java is the place to debug.
Good luck
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20230306/64825b19/attachment.htm>
More information about the midPoint
mailing list