SAML Authnreq signiture format support
Use-case:
I would like for Zitadel to accept signing of Authnreq requests from SP other then within x509 element, like in format:
<dsig:KeyInfo>
<dsig:KeyValue>
<dsig:RSAKeyValue>
<dsig:Modulus>some_value</dsig:Modulus>
<dsig:Exponent>other_value</dsig:Exponent>
</dsig:RSAKeyValue>
</dsig:KeyValue>
</dsig:KeyInfo>
Environment:
self-hosting
Version:
v2.65.0
Stack:
Sonatype Nexus3 repository as SP
From SP perspective, I have configured option: Validate Response Signature to true, but not the Assertion. I would do that as next step.
What you expected to happen:
User is successfully logged in to SP with SAML req and resp signed respectively.
What went wrong:
IdP is reporting issue/error stating:
<StatusMessage>failed to verify signature: Missing x509 Element</StatusMessage>
I would like for Zitadel to accept signing of Authnreq requests from SP other then within x509 element, like in format:
<dsig:KeyInfo>
<dsig:KeyValue>
<dsig:RSAKeyValue>
<dsig:Modulus>some_value</dsig:Modulus>
<dsig:Exponent>other_value</dsig:Exponent>
</dsig:RSAKeyValue>
</dsig:KeyValue>
</dsig:KeyInfo>
Environment:
self-hosting
Version:
v2.65.0
Stack:
Sonatype Nexus3 repository as SP
From SP perspective, I have configured option: Validate Response Signature to true, but not the Assertion. I would do that as next step.
What you expected to happen:
User is successfully logged in to SP with SAML req and resp signed respectively.
What went wrong:
IdP is reporting issue/error stating:
<StatusMessage>failed to verify signature: Missing x509 Element</StatusMessage>
