ZaC*_*231 5 saml-2.0 spring-saml okta
我正在尝试Okta快速启动Java tomcat SAML,我对这个话题很新.
当我启动我的测试应用程序时,我确实看到一个指向Okta IDP的链接,点击"开始单点登录"按钮后,我被重定向到Okta地址,信息"Sining in to SAML - Test"(我的Okta测试名称)之后我再次被重定向到我的应用程序:
之后有一个堆栈跟踪,
我错过了什么?我究竟做错了什么?
谢谢你的帮助Zack.
Error
Error validating SAML message
Caused by: org.opensaml.common.SAMLException: Response doesn't have any valid assertion which would pass subject validation
at org.springframework.security.saml.websso.WebSSOProfileConsumerImpl.processAuthenticationResponse(WebSSOProfileConsumerImpl.java:229)
at org.springframework.security.saml.SAMLAuthenticationProvider.authenticate(SAMLAuthenticationProvider.java:82)
... 27 more
Caused by: org.opensaml.common.SAMLException: Local entity is not the intended audience of the assertion in at least one AudienceRestriction
at org.springframework.security.saml.websso.WebSSOProfileConsumerImpl.verifyAudience(WebSSOProfileConsumerImpl.java:506)
at org.springframework.security.saml.websso.WebSSOProfileConsumerImpl.verifyAssertionConditions(WebSSOProfileConsumerImpl.java:458)
at org.springframework.security.saml.websso.WebSSOProfileConsumerImpl.verifyAssertion(WebSSOProfileConsumerImpl.java:303)
at org.springframework.security.saml.websso.WebSSOProfileConsumerImpl.processAuthenticationResponse(WebSSOProfileConsumerImpl.java:214)
... 28 more
| 归档时间: |
|
| 查看次数: |
6753 次 |
| 最近记录: |