Tracing a failed SAML 2.0 SSO shows similar errors:
Received unsigned authentication Response (top level status code: urn:oasis:names:tc:SAML:2.0:status:Success, second level status code: <null>) from Identity Provider: https://<idp_host> through binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
SAML2Assertion received could not be decrypted
Caused by: com.sap.engine.lib.xml.signature.SignatureException: EME-OAEP_DECODE error - pHash does not equal pHash'
SAML2Assertion validation failed.
com.sap.security.saml2.sp.exception.BadCredentialsException: Rejected not signed Response
SAP NetWeaver Release Independent
KBA , BC-JAS-SEC-SML , JAVA SAML 1.1 and 2.0 , BC-JAS-SEC-LGN , Logon, SSO , Problem
About this pageThis is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).
Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.