- Help and Support | Digital Theatre+
- Authentication
- Guidance for Specific SSO Service Providers
Shibboleth returns message security error for Federated SAML
What to do when the Authentication Request to Shibboleth results in a Message Security Error when using Federated SAML
If you encounter the following message:
Message Security Error
The request cannot be fulfilled because the message received does not meet the security requirements of the login service.
And your Identity Provider logs include a message like:
[org.opensaml.saml.saml2.binding.security.impl.SAML2AuthnRequestsSignedSecurityHandler:77] -
SPSSODescriptor for entity ID 'https://auth.digitaltheatreplus.com'
indicates AuthnRequests must be signed, but inbound message was not signed
Please update the relying-party.xml file with the following override:
<bean parent="SAML2.SSO" p:signRequests="false" />