I have an incoming request (non-SOAP) message which contains a base64-encoded SAML Response Assertion.
I have decoded the base64 and stored the SAMLResponse element into a context variable.
I successfully verify the SAMLResponse signature using the assertions "(Non-SOAP) Verify XML Element" and "(Non-SOAP) Check Results from XML Verification".
Verify XML Element is using prefix m_saml_signature to store signature validation results.
Having put some audit logs, I can see the values of signature validation: m_saml_signature.signingCertificates and m_saml_signature.signingCertificates.1.serial
Then I try to use the validated signature certificate as credentials for authentication, so I use the assertion "Retrieve credentials from context variable Assertion" with context variable input value: m_saml_signature.signingCertificates.1
It always failed with the following log message:
|20150929 10:27:40.168 INFO||3017 Policy evaluation for service ehc006-sso.dev.ehc.adp.com [21aa6ef85cec85d9be9799b9d87c0392] resulted in status 500 (Internal Server Error)|
Here is the policy abstract:
Can anyone help?