Closed pmeulen closed 9 years ago
Note that this depends on: https://github.com/OpenConext/OpenConext-engine-test-stand/issues/1
Confirmed issue exists on SURFconext production (engineblock 3.8.2).
Kind of a duplicate of #55, although that's about logging, not display to user.
@pmeulen how can I reproduce that I don't get the Timestamp, etc...? I now have a working functional test for this but can't reproduce the missing 'feedbackInfo'. The only way I can reproduce this is by simply visiting the URL without it being triggered by EB. In which case there is nothing in the session and it's only logical that it can't state anything about SP / IdP.
If you get the correct error, with a correctly filled template, when the error situation occurs (i.e. an untrusted certificate was used) then I consider this issue fixed. Note that the EB version for which this issue was reported is rather old (pre simplesaml lib).
You currently get the following error: As tested by OpenConext-engine-test-stand. I'm assuming this is correct for now.
When an assertion is signed with an untrusted certificate only the error "Invalid Idp response" is shown. The descriptive "template" is not added to to the message. E.g.: " Untrusted Certificate Signature validation of the authentication response failed. The certificate used to sign the response is not trusted. Certificate fingerprint:
"
Refer to https://wiki.surfnet.nl/display/conextdocumentation/Error+messages+in+Engine for more information.
(From BACKLOG-1384)