Bill Chan (BillC931)
Atesis Pty Ltd

Posted: March 9, 2018
Last activity: April 27, 2018
Closed
Solved

SAML WebSSO SHA1 issue with ADFS

Hi,

I am trying to configure Desktop SSO between Pega (SP) and ADFS (IDP) but am getting the following error:
Unable to process the SAML WebSSO request : The Response did not contain any Authentication Statement that matched the Subject Confirmation criteria

I can see in the logs that the SAML Web SSO Authentication Activity (Step: AuthService.pySAMLWebSSO) is generating a SAML request with a SHA1 signature:
Generated authentication request : <saml2p:AuthnRequest....<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>

But ADFS is generating a SHA256 signature method response.

Is there any way to configure Pega such that it uses a "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" signature method algorithm?

The method samlutils.createAuthenticationRequest passes in a Data-Admin-Security-SSO-SAML class type, but there is no property to set the signature method algorithm.

Thanks,

Bill

***Updated by moderator: Lochan to tag SR to post***
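
To check which signature and digest algorithms a logged SAML message actually declares, the following added example (not part of the original post, and not Pega or ADFS code) parses the message and flags SHA-1 algorithm URIs. The function name `signature_algorithms` is hypothetical, and the sample request is constructed to match the log excerpt above, with placeholder IDs and values.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
# SHA-1 based algorithm URIs defined by XML-DSig; treated as weak here.
SHA1_URIS = {DS + "rsa-sha1", DS + "dsa-sha1", DS + "hmac-sha1", DS + "sha1"}

# Constructed sample shaped like the logged request in the post; values are placeholders.
SAMPLE_AUTHN_REQUEST = """\
<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" ID="_example" Version="2.0">
  <ds:Signature>
    <ds:SignedInfo>
      <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
      <ds:Reference URI="#_example">
        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
        <ds:DigestValue>PLACEHOLDER</ds:DigestValue>
      </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue>PLACEHOLDER</ds:SignatureValue>
  </ds:Signature>
</saml2p:AuthnRequest>"""


def signature_algorithms(xml_text):
    """List each ds:Signature with the element it sits in and its declared algorithms."""
    if "<!DOCTYPE" in xml_text:  # SAML messages never need a DTD; refuse entity tricks
        raise ValueError("DOCTYPE not allowed in SAML message")
    root = ET.fromstring(xml_text)
    parent_of = {child: parent for parent in root.iter() for child in parent}
    findings = []
    for sig in root.iter("{%s}Signature" % DS):
        info = sig.find("{%s}SignedInfo" % DS)
        if info is None:
            continue  # malformed signature block; nothing to report
        method = info.find("{%s}SignatureMethod" % DS)
        sig_alg = method.get("Algorithm") if method is not None else None
        digests = [d.get("Algorithm") for d in info.iter("{%s}DigestMethod" % DS)]
        findings.append({
            "signed_element": parent_of.get(sig, sig).tag.split("}")[-1],
            "signature": sig_alg,
            "digests": digests,
            "uses_sha1": sig_alg in SHA1_URIS or any(d in SHA1_URIS for d in digests),
        })
    return findings


if __name__ == "__main__":
    for finding in signature_algorithms(SAMPLE_AUTHN_REQUEST):
        print(finding)
```

Running the same function over the IdP's response shows whether the Response, the Assertion, or both carry a signature, and with which algorithm each was signed.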

Security Support Case Created