AnsweredAssumed Answered

Layer7 SSG 8.4 - How to  - Retrieve credentials from context variable Assertion

Question asked by nicolas.laigle on Sep 29, 2015
Latest reply on Oct 6, 2015 by nicolas.laigle

Hi,

 

I Have an incoming request (non SOAP) message which contains a base64 encoded SAML Response Assertion.

I have decoded the base64 and stored the SAMLResponse element into  a context variable.

 

I successfully verify the SAMLResponse signature using assertions :" (Non-SOAP) Verify XML Element" and "(Non-SOAP) Check Results from XML Verification".

Verify XML Element is using prefix m_saml_signature to store signature validation results.

Having put some audit logs, I can see the values of signature validation: m_saml_signature.signingCertificates and m_saml_signature.signingCertificates.1.serial

 

Then I try to use the validated signature certificate as credentials for authentication so I use assertion: "Retrieve credentials from context variable Assertion" with context variable input value : m_saml_signature.signingCertificates.1

 

It always failed with the following log message:

20150929 10:27:40.168    INFO  3017    Policy evaluation for service ehc006-sso.dev.ehc.adp.com [21aa6ef85cec85d9be9799b9d87c0392] resulted in status 500 (Internal Server Error)

 

Here is the Policy abstract :

 

Anyone can help ?

Thanks.

Outcomes