Symptom
Tracing a failed SAML 2.0 SSO shows similar errors:
Received unsigned authentication Response (top level status code: urn:oasis:names:tc:SAML:2.0:status:Success, second level status code: <null>) from Identity Provider: https://<idp_host> through binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
SAML2Assertion received could not be decrypted
Caused by: com.sap.engine.lib.xml.signature.SignatureException: EME-OAEP_DECODE error - pHash does not equal pHash'
SAML2Assertion validation failed.
[EXCEPTION]
com.sap.security.saml2.sp.exception.BadCredentialsException: Rejected not signed Response
Read more...
Environment
SAP NetWeaver Release Independent
Product
Keywords
EME-OAEP_DECOD, pHash, SAML2 Assertion, received could not be decrypted, , KBA , BC-JAS-SEC-SML , JAVA SAML 1.1 and 2.0 , BC-JAS-SEC-LGN , Logon, SSO , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.