SAML issue with SimpleSAMLphp as IdP, BIG-IP as SP
have been trying to get SAML working, simpleSAMLphp as IdP and BIG-IP as SP. i believe it works up to the point where the IdP sends its auth succesfull data to the SP, once recieved by the SP i get this error: SAML Agent: /Common/saml_act_saml_auth_ag failed to parse assertion, error: Canonicalization of SignedInfo not sure how to continue from there, so many options and so little information on their exact effect. i built the setup as follows, virtual server with access profile with just start --> SAML auth --> Allow, BIGIP as SP profile with an IdP connection based on uri /, created IdP connection based on metadata from IdP. turned off as many signed and secure options as possible, just testing now, will add later on. anyone here that has setup BIG-IP as SP succesfully with SimpleSAMLphp? can you share some experience?
APM - IdP endpoint not working, returns a 404
I want to connect BIG-IP APM with simpleSAMLphp SP. I followed this guide but when the SP sent the SAML AuthNRequest to the APM IdP, it shows a 404 error. This is how my environment is configured (notice that ip and hostnames here are not real, but has the same look like that originals): Partion: Common hostname: f5.example.com IP Address: 10.4.12.133 (not real) I created a Virtual Address 10.4.12.134 I created a Virtual Server named testsaml: Source Address: 0.0.0.0/0 Destination Address: 10.4.12.134 Service Port: 443 / HTTPS State: Enable SSL Profile (Client): Common/clientssl SSL Profile (Server): Common/clientssl And using an Access Profile test: Partition / Path: Common Parent Profile: access Profile Type:All SSO Domain: Single Domain SSO COnfiguration: testsaml And has an IdP: testsaml with the following data: IdP EntityID: https://f5.example.com/testsaml Artifact Resolution Service: /Common/testsaml Assigned Signing Key and Certificated: /Common/default.key /Common/default.crt Also I registered the SP data and bounded it with the IdP. Why when I do an SP-initiated SSO and the AuthNRequest is sent to the APM IdP SSO endpoint: https://f5.example.com/saml/idp/profile/redirectorpost/sso a 404 is showed? Thanks for your help, I reviewed everything but I can not find the reason.