Forums | Mahara Community
Support
/
Validation of received messages enabled, but no signature found on message
05 October 2020, 23:42
Hi,
I udated last mahara version, and when the users "closed session", I have this message error log:
[WAR] 30 (lib/errors.php:536) [SimpleSAML\\Error\\Exception]: Validation of received messages enabled, but no signature found on message.[[errorat/error]]/disc2/www/html/auth/saml/extlib/simplesamlphp/modules/saml/lib/Message.php:289, referer: https://portafolis.uvic.cat/
I attach capture.
I hope to have an answer as soon as possible.
Thanks.
06 October 2020, 7:34
Hi Joan,
It sounds like either the SP metadata or the IdP metadata is not being signed but the other is and so the message can't be read.
Mahara should generate signed SP metadata so I suspect the IdP end isn't
Try checking with your IdP to see if they are signing the metadata correctly
Cheers
Robert
07 October 2020, 22:07
Hi Robert,
Can you answer me please?
Besides checking Idp metadata, what else do I need to do to fix it?
It's necessary.
Thanks.
08 October 2020, 8:14
Hi Joan,
I'm not sure why your setup is failing but one thing you could try is this:
in the auth/saml/config/authsources.php file there is the lines:
'redirect.sign' => TRUE,
'redirect.validate' => TRUE,
Try setting them to false to see if that makes any difference
According to https://simplesamlphp.org/docs/stable/simplesamlphp-reference-sp-remote#section_2_2 those options are to do with message validation
Cheers
Robert
08 October 2020, 20:47
Hi Robert,
It worked. I modified:
'redirect.sign' => CERT,
'redirect.validate' => FALSE,
Thanks.