Details
Bug
Resolution: Obsolete
Major
Description
When Domain chooser is configured with IDPs that are based on signatures, user authentication works only for the IDP configured in picketlink.xml.
When authentication occurs on the second IDP, the SP tries to validate the signature of the response using the key used by the first IDP. If the IDPs don't use the same key (which must be the case), signature validation fails.
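
An added illustration of the failure described above next to validation that selects the key by the response's issuer; it is not PicketLink code and does not use its API. The entity IDs, the `trusted` map and the raw-byte RSA signature (standing in for XML signature validation of a SAML response) are assumptions made for the example.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Map;

public class IssuerKeyedValidation {
    // Constructed entity IDs; real values come from each IDP's metadata.
    static final String IDP1 = "https://idp1.example.test/", IDP2 = "https://idp2.example.test/";

    static byte[] sign(PrivateKey key, byte[] data) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(data);
        return s.sign();
    }

    static boolean verify(PublicKey key, byte[] data, byte[] sig) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(key);
        s.update(data);
        return s.verify(sig);
    }

    // Resolve the validating key from the response's Issuer. The issuer is untrusted
    // input until the signature checks out, so it is only used as a lookup into a
    // fixed trust map, and an unknown issuer is rejected outright.
    static boolean validate(Map<String, PublicKey> trusted, String issuer, byte[] data, byte[] sig)
            throws GeneralSecurityException {
        PublicKey key = trusted.get(issuer);
        return key != null && verify(key, data, sig);
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair idp1 = gen.generateKeyPair(), idp2 = gen.generateKeyPair();
        Map<String, PublicKey> trusted = Map.of(IDP1, idp1.getPublic(), IDP2, idp2.getPublic());

        // Constructed stand-in for the signed bytes of a response issued by the second IDP.
        byte[] response = ("<Response><Issuer>" + IDP2 + "</Issuer></Response>")
                .getBytes(StandardCharsets.UTF_8);
        byte[] sig = sign(idp2.getPrivate(), response);

        // The reported behaviour: one configured key is applied to every IDP's response.
        System.out.println("single configured key (IDP1): " + verify(idp1.getPublic(), response, sig));
        System.out.println("key selected by issuer:       " + validate(trusted, IDP2, response, sig));
        System.out.println("unknown issuer:               "
                + validate(trusted, "https://other.example.test/", response, sig));
    }
}
```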