OpenConext / OpenConext-engineblock

OpenConext SAML 2.0 IdP/SP Gateway

Improve error message for invalid IdP signing certificate #25

Closed pmeulen closed 9 years ago

pmeulen commented 10 years ago

When an assertion is signed with an untrusted certificate only the error "Invalid Idp response" is shown. The descriptive "template" is not added to the message. E.g.: "Untrusted Certificate Signature validation of the authentication response failed. The certificate used to sign the response is not trusted. Certificate fingerprint: "

Refer to https://wiki.surfnet.nl/display/conextdocumentation/Error+messages+in+Engine for more information.

(From BACKLOG-1384) invalid idp response
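The check behind the error the issue asks for, as an added example (not OpenConext-engineblock code): pull the signing certificate out of the Response's ds:KeyInfo, compute its fingerprint, and either accept it because it matches one the IdP's metadata trusts or produce the descriptive "Untrusted Certificate" message with the fingerprint filled in. Assumptions: the trusted fingerprint set stands in for the IdP metadata, the certificate bytes are constructed placeholders rather than real X.509 DER, the Response XML is constructed inline, and only the trust decision is shown; the XML signature itself is not cryptographically verified here.

```python
"""Added example, not OpenConext-engineblock code.

Shows the trust decision the issue describes: is the certificate that signed a
SAML Response one the IdP's metadata trusts, and if not, report its fingerprint.
Assumptions (labelled): TRUSTED_FINGERPRINTS stands in for IdP metadata, the
DER byte strings are constructed placeholders, and the XML signature itself is
NOT verified here; a real gateway must verify it before trusting anything.
"""
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

# Constructed placeholders standing in for DER-encoded certificates.
TRUSTED_CERT_DER = b"constructed-der-bytes-of-the-idp-certificate-from-metadata"
ROGUE_CERT_DER = b"constructed-der-bytes-of-some-other-certificate"


def fingerprint(der: bytes) -> str:
    """SHA-1 fingerprint of DER certificate bytes as colon-separated upper-case hex."""
    digest = hashlib.sha1(der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))


# Assumption: the trusted set is what the IdP's metadata would normally supply.
TRUSTED_FINGERPRINTS = {fingerprint(TRUSTED_CERT_DER)}


def build_response(cert_der: bytes) -> str:
    """Constructed minimal samlp:Response carrying the signing cert in ds:KeyInfo."""
    b64 = base64.b64encode(cert_der).decode()
    return (
        '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
        'xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_constructed">'
        "<ds:Signature><ds:KeyInfo><ds:X509Data>"
        f"<ds:X509Certificate>{b64}</ds:X509Certificate>"
        "</ds:X509Data></ds:KeyInfo></ds:Signature>"
        "</samlp:Response>"
    )


def signing_cert_fingerprint(response_xml: str) -> str:
    """Fingerprint of the certificate embedded in the Response's signature."""
    root = ET.fromstring(response_xml)
    node = root.find(".//ds:Signature/ds:KeyInfo/ds:X509Data/ds:X509Certificate", NS)
    if node is None or not node.text:
        raise ValueError("Response carries no ds:X509Certificate in its signature")
    return fingerprint(base64.b64decode(node.text.strip()))


def check_signing_cert(response_xml: str, trusted: set) -> dict:
    """Return the trust decision plus the user-facing message for the untrusted case."""
    fp = signing_cert_fingerprint(response_xml)
    if fp in trusted:
        return {"trusted": True, "fingerprint": fp, "message": ""}
    message = (
        "Untrusted Certificate\n"
        "Signature validation of the authentication response failed. "
        "The certificate used to sign the response is not trusted. "
        f"Certificate fingerprint: {fp}"
    )
    return {"trusted": False, "fingerprint": fp, "message": message}


if __name__ == "__main__":
    print(check_signing_cert(build_response(TRUSTED_CERT_DER), TRUSTED_FINGERPRINTS))
    print(check_signing_cert(build_response(ROGUE_CERT_DER), TRUSTED_FINGERPRINTS)["message"])
```

The fingerprint reported must be that of the certificate which actually validated the signature, not merely whatever is embedded in KeyInfo; since any sender can embed a trusted certificate in KeyInfo, the trust decision only means something once the signature over the canonicalized Response has been verified with that certificate's key.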

relaxnow commented 10 years ago

Note that this depends on: https://github.com/OpenConext/OpenConext-engine-test-stand/issues/1

pmeulen commented 10 years ago

Confirmed issue exists on SURFconext production (engineblock 3.8.2).

thijskh commented 10 years ago

Kind of a duplicate of #55, although that's about logging, not display to user.

relaxnow commented 9 years ago

@pmeulen how can I reproduce that I don't get the Timestamp, etc...? I now have a working functional test for this but can't reproduce the missing 'feedbackInfo'. The only way I can reproduce this is by simply visiting the URL without it being triggered by EB. In which case there is nothing in the session and it's only logical that it can't state anything about SP / IdP.

pmeulen commented 9 years ago

If you get the correct error, with a correctly filled template, when the error situation occurs (i.e. an untrusted certificate was used) then I consider this issue fixed. Note that the EB version for which this issue was reported is rather old (pre simplesaml lib).

relaxnow commented 9 years ago

You currently get the following error: [screenshot: 2014-10-23 17:07:12] As tested by OpenConext-engine-test-stand. I'm assuming this is correct for now.