We have configured a SAML1.1 Service Provider on NAM 3.2 SP2.
We want to avoid the assertion sign validation by Identity Provider for
a given Service Provider

When we send an artifact resolution request to the IDP we receive a
response with the error message "Invalid or no signature or bad client

In our configuration:
- We unchecked the "Want assertion to be signed" option. Does it mean
that IDP can validate a non-signed artifact resolution request sent by
the SP?
- The "Message signing" option is selected in the "SOAP Back Channel
Security Method". Does it mean that the messages from IDP to SP need to
be signed?

Thanks in advance,


moularbi's Profile: https://forums.netiq.com/member.php?userid=1196
View this thread: https://forums.netiq.com/showthread.php?t=51551