[keycloak-user] Keycloak Identity provider SAML LogoutRequest not working with NetIQ Access Manager because it is not signed?
Edgar Vonk - Info.nl
Edgar at info.nl
Tue Jan 29 08:05:18 EST 2019
Hey Hans,
Indeed. You are right. We configured signing of AuthnRequests (and as you found out LogoutRequests) in Keycloak and configured our certificate on the NetIQ side and now both authentication and logging out works. :-) Thanks!
> Hey Ed,
>
> Ouch, bad NetIQ :-( apparently it considers the signature on the request
> as something unexpected, which it really shouldn't...
> However, you should be able to configure the signing certificate of
> Keycloak on the NetIQ side (which you needed to do anyway for the
> validation of the Logout requests) and make it "require" or "expect" signed
> authentication requests from the Keycloak SP.
>
> Hans.
More information about the keycloak-user
mailing list