'org.keycloak.common.VerificationException: SigAlg was null with SkySpark

I'm trying to set up SAML integration between Skyspark as service provider and keycloak as Identity Provider. I have done below,

  1. Copy Skyspark SAML metadata xml and created a client in keyclaok with the xml file
  2. Get the metdata URL from keycloak and added into the Skyspark SAML SSO

When I access skyspark it redirects to keycloak login page and showing an error Invalid requester. The backend has below errors,

 ERROR [org.keycloak.protocol.saml.SamlService] (default task-4) request validation failed: org.keycloak.common.VerificationException: SigAlg was null

I tried with disabling Client Signature Required, It shows me the login page, But after successful authentication skyspark shows up SAML Authentication Failed. I see there is SAML response in the browser network tab.

Is there any signature validation issue at both ends? Should I do any other config apart from above ?

keycloaksaml-2.0


Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source

Related Questions

Logging into SAML/Shibboleth authenticated server using python

InvalidSignatureException: Signature is invalid

Howto disable signature verification in Spring Security SAML 5.6.1?

How to specify CryptoComply algorithm provider in new Spring SAML2?

SAML Attribute Mapping for Aws Cognito - Signup or Signin works but not both

SAML SP Metadata XML SSO, Recipient and Destination URLs

SAML2 Authentication using ASP.NET with ADFS Federation meta data

curl lib in php needs html button click

SAML authentication in OpenSerch giving error "Could not find IDPSSODescriptor" with keycloak

How to get metadata xml for SAML IdP initiated SSO

Get expiration date of signing certificate(s) within a SAML metadata file

Decrypting encrypted encoded string containing SAML assertion using OpenSAML in java

Write code to process the saml request from sp and generate saml response

Wrong Issuer in ClaimsIdentity on Itfoxtec binding

SAML is not honouring Token Lifetime