samlify icon indicating copy to clipboard operation
samlify copied to clipboard

Published 20 hours ago verified publisher icon tngan

Construct service provider - missing signatureConfig

Open habeebahmed opened this issue 3 years ago • 1 comments

Hi @tngan can you please advice how to resolve Construct service provider - missing signatureConfig warning ? will it have impact on SAML response validation ?

habeebahmed avatar Oct 24 '21 19:10 habeebahmed

I am having the same issue. Some documentation on how to use this field in either the SP or the IdP would be very helpful.

I can see in binding-post.ts that it defaults to a number of different things between the IdP and the SP:

location: { reference: "/*[local-name(.)='AuthnRequest']/*[local-name(.)='Issuer']", action: 'after' },
location: { reference: "/*[local-name(.)='LogoutRequest']/*[local-name(.)='Issuer']", action: 'after' },
location: { reference: "/*[local-name(.)='Response']/*[local-name(.)='Issuer']", action: 'after' },
location: { reference: "/*[local-name(.)='Response']/*[local-name(.)='Assertion']/*[local-name(.)='Issuer']", action: 'after' },
location: { reference: "/*[local-name(.)='LogoutResponse']/*[local-name(.)='Issuer']", action: 'after' }

These are all really complicated strings and I have no idea which one to use in my configuration. Why would I specify a Request type in the local-name or the "Issuer/Assertion" part, when I'm just initializing a new SP?

TomKrcmar avatar Dec 14 '22 16:12 TomKrcmar