Hi Sreeja,
I think this is happening because your SAML namespace prefixes is being
reassigned. The line of code "
*file_path = fileutils.write_to_tempfile(assertion.to_string())*" is
raising the exception. The link
https://review.openstack.org/gitweb?p=openstack%2Fkeystone.git;a=commitdiff;h=acdf03
Hi
This is what my log file looks like:
INFO keystone.common.wsgi [-] POST
http://keystone:5000/v3/auth/OS-FEDERATION/saml2/ecp
ERROR keystone.contrib.federation.idp [-] Error when signing
assertion, reason: Command '['xmlsec1', '--sign', '--privkey-pem',
'/etc/keystone/ssl/private/cakey.pem,/etc
Hi Sreeja,
It seems like your private key and/or the ssl certificate you use to auth
does not exist. If you are indeed using key-pair based authentication, make
sure you have the key "signing_key.pem" at the mentioned location, i.e. at
/etc/ssl/private
If this doesn't help, can you then just share
While trying to implement federation, I was getting code 500 errors
when trying to get a SAML assertion from a Keystone instance
configured as identity provider. This is what the Keystone log showed:
INFO keystone.common.wsgi [-] POST
http://172.29.236.100:5000/v3/auth/OS-FEDERATION/saml2/ecp
