security.SAMLProtocolMessageXMLSignatureSecurityPolicyRule 100 - SAML protocol message was not signed, skipping XML signature processing

ulisesbocchio / spring-boot-security-saml

spring-security-saml integration with Spring Boot

MIT License

157 stars 72 forks source link

security.SAMLProtocolMessageXMLSignatureSecurityPolicyRule 100 - SAML protocol message was not signed, skipping XML signature processing #64

Closed thaniyarasu closed 6 years ago

thaniyarasu commented 6 years ago

we are getting this error messages, security.SAMLProtocolMessageXMLSignatureSecurityPolicyRule 100 - SAML protocol message was not signed, skipping XML signature processing.

our app server are running behind a ELB in a private subnet, our ssl termination is happening at ELB level. hence the request will reach to our spring-boot-app server with plain http after terminating from ELB.

How can we skip this error messages ? can we disable this siginging SAML protocol message??

ulisesbocchio commented 6 years ago

This has nothing to do with HTTPS, it's telling you the SAML message is not signed. Checkout the -signed ended porperties here: https://github.com/ulisesbocchio/spring-boot-security-saml/blob/master/docs/properties/config-properties.md

You can specify them either through yaml/properties file or using the DSL