What to do when the Authentication Request to Shibboleth results in a Message Security Error when using Federated SAML
If you encounter the following message:
Message Security Error
The request cannot be fulfilled because the message received does not meet the security requirements of the login service.
And your Identity Provider logs include a message like:
SPSSODescriptor for entity ID 'https://auth.digitaltheatreplus.com'
indicates AuthnRequests must be signed, but inbound message was not signed
Please update the relying-party.xml file with the following override:
<bean parent="SAML2.SSO" p:signRequests="false" />