2

I am trying to integrate SAML with a Java Spring Boot application. I integrated it with Okta, and it works fine. But when I change the config to point to the actual ADFS (not Okta), I get this error on ADFS: "MSIS0037: No signature verification certificate found for issuer 'https://xxx.mydomain.com/saml/metadata'". I checked my SAML auth request using SAML tracer, and in that the issuer is https://xxx.mydomain.com/saml/metadata, but I guess it should be https://xxx.mydomain.com, and I am guessing that is why I get this error. I have installed an internally generated certificate on the server and put the public key in the metadata I have provided to the ADFS team, which they have inserted successfully. Can anyone guide me on how to change the issuer in my SAML request?

1 Answer

0

You can change the issuer in the SAML request: <saml:Issuer>https://xxx.mydomain.com</saml:Issuer>

This guide has some good samples for doing this with ADFS and Spring Boot: https://myshittycode.com/2016/02/18/spring-security-saml-configuring-binding-for-sending-saml-messages-to-idp/

Marilee Turscak - MSFT
Thanks, I was able to change the issuer name by setting the entityId to https://xxx.mydomain.com in the Spring Security config for SAML. – Dilpreet Kohli Jan 10 '19 at 07:10
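A way to check for the mismatch described in the question, as an added example (not code from the posts above or from Spring Security SAML): it decodes a captured SAMLRequest and compares its Issuer with the entityID in the SP metadata given to the IdP team. The function names and sample values are constructed for illustration, and exact string comparison is an assumption of this example.

```python
import base64
import zlib
import xml.etree.ElementTree as ET

SAML = "urn:oasis:names:tc:SAML:2.0:assertion"
SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
MD = "urn:oasis:names:tc:SAML:2.0:metadata"

def _parse(xml_bytes):
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:  # never expand DTDs
        raise ValueError("DTD not allowed in SAML XML")
    return ET.fromstring(xml_bytes)

def decode_saml_request(value, binding="redirect"):
    """XML from a URL-decoded SAMLRequest; only HTTP-Redirect adds raw DEFLATE."""
    raw = base64.b64decode(value)
    return zlib.decompress(raw, -15) if binding == "redirect" else raw

def request_issuer(xml_bytes):
    node = _parse(xml_bytes).find("{%s}Issuer" % SAML)
    if node is None or not (node.text or "").strip():
        raise ValueError("AuthnRequest has no Issuer")
    return node.text.strip()

def metadata_entity_id(xml_bytes):
    root = _parse(xml_bytes)
    if root.tag != "{%s}EntityDescriptor" % MD:
        raise ValueError("expected an EntityDescriptor root")
    return root.attrib["entityID"]

def check_issuer(saml_request, metadata_xml, binding="redirect"):
    """Return (matches, issuer, entity_id); comparison is exact string equality."""
    issuer = request_issuer(decode_saml_request(saml_request, binding))
    entity_id = metadata_entity_id(metadata_xml)
    return issuer == entity_id, issuer, entity_id

def redirect_encode(xml_bytes):  # helper used only to build the sample below
    c = zlib.compressobj(9, zlib.DEFLATED, -15)
    return base64.b64encode(c.compress(xml_bytes) + c.flush()).decode()

# Constructed sample data, using the placeholder host from the question.
SAMPLE_REQUEST = redirect_encode(
    ('<samlp:AuthnRequest xmlns:samlp="%s" xmlns:saml="%s" ID="_a1" Version="2.0">'
     '<saml:Issuer>https://xxx.mydomain.com/saml/metadata</saml:Issuer>'
     '</samlp:AuthnRequest>' % (SAMLP, SAML)).encode())
SAMPLE_METADATA = ('<md:EntityDescriptor xmlns:md="%s" '
                   'entityID="https://xxx.mydomain.com"/>' % MD).encode()

if __name__ == "__main__":
    print(check_issuer(SAMPLE_REQUEST, SAMPLE_METADATA))
```

Pass `binding="post"` when the value was captured from an HTTP-POST form field, which is base64 only.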