RSA Federated Identity Manager (FIM) 3.1
BEA WebLogic 8.1
IBM WebSphere 6.0
In Signing Policy, still want Auth Responses Signed
Missing Destination not handled in SAML Response
Unable to process the Response message, com.rsa.fim.exception.ProfileException: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
Stack trace in debug.log
2007-04-11 22:56:08,156, (SSOHelper.java:585), SAML20-19, , , , Unable to process the Response message, com.rsa.fim.exception.ProfileException: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1325)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1128)
at com.rsa.fim.profile.sso.SSOProfile_5wyj3w_EOImpl.processResponse(SSOProfile_5wyj3w_EOImpl.java:100)
at com.rsa.fim.servlet.sso.AssertionConsumerService.doGet(AssertionConsumerService.java:64)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1077)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:348)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:7047)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3902)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2773)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Caused by: com.rsa.fim.exception.ProfileException: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.verifySignature(ProfileHelper.java:1607)
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1320)
... 15 more
com.rsa.fim.exception.ProfileException: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1325)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1128)
at com.rsa.fim.profile.sso.SSOProfile_5wyj3w_EOImpl.processResponse(SSOProfile_5wyj3w_EOImpl.java:100)
at com.rsa.fim.servlet.sso.AssertionConsumerService.doGet(AssertionConsumerService.java:64)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1077)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:348)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:7047)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3902)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2773)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Caused by: com.rsa.fim.exception.ProfileException: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.verifySignature(ProfileHelper.java:1607)
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1320)
... 15 more
2007-04-11 22:56:08,171, (AssertionConsumerService.java:71), SAML20-19, , , , A ProfileException was encountered, com.rsa.fim.profile.sso.SSOProfileException: Exception encountered at the top-level of the profile bean: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.sso.SSOHelper.handleThrowable(SSOHelper.java:592)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1506)
at com.rsa.fim.profile.sso.SSOProfile_5wyj3w_EOImpl.processResponse(SSOProfile_5wyj3w_EOImpl.java:100)
at com.rsa.fim.servlet.sso.AssertionConsumerService.doGet(AssertionConsumerService.java:64)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1077)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:348)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:7047)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3902)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2773)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Caused by: com.rsa.fim.exception.ProfileException: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1325)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1128)
... 14 more
Caused by: com.rsa.fim.exception.ProfileException: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.verifySignature(ProfileHelper.java:1607)
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1320)
... 15 more
com.rsa.fim.profile.sso.SSOProfileException: Exception encountered at the top-level of the profile bean: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.sso.SSOHelper.handleThrowable(SSOHelper.java:592)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1506)
at com.rsa.fim.profile.sso.SSOProfile_5wyj3w_EOImpl.processResponse(SSOProfile_5wyj3w_EOImpl.java:100)
at com.rsa.fim.servlet.sso.AssertionConsumerService.doGet(AssertionConsumerService.java:64)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(ServletStubImpl.java:1077)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:465)
at weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java:348)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:7047)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletContext.java:3902)
at weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java:2773)
at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:224)
at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:183)
Caused by: com.rsa.fim.exception.ProfileException: The response signature cannot be verified: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1325)
at com.rsa.fim.profile.sso.SSOProfileBean.processResponse(SSOProfileBean.java:1128)
... 14 more
Caused by: com.rsa.fim.exception.ProfileException: The policy requires the message be signed, but received an unsigned message
at com.rsa.fim.profile.util.ProfileHelper.verifySignature(ProfileHelper.java:1607)
at com.rsa.fim.profile.util.ProfileHelper.decryptOrVerifyResponse(ProfileHelper.java:1320)
... 15 more
2007-04-11 22:56:08,171, (AssertionConsumerService.java:86), SAML20-19, , , , Exiting : AssertionConsumerService.doGet() : returning void
Please contact RSA Technical Support to obtain hotfix #123.
Related Articles
How to Start/Stop/Access Oracle Enterprise Manager (OEM) in RSA Governance & Lifecycle Number of Views L&G: AFX: java.lang.IllegalArgumentException when Account and CN IDs do not match - LDAPException: Invalid DN Syntax (34) … Number of Views New PIN Mode and Next Tokencode Mode not working from the web pages using RSA Authentication Agent for Web for Apache on R… Number of Views RSA Identity Management and Governance SSLHandshakeException when using a custom Java workflow node on Red Hat Enterprise … Number of Views Move RSA Authentication Manager 8.1 users from the internal database to an external identity source along with their group… Number of Views
Trending Articles
RSA SecurID Software Token 5.0.2 for Windows Desktop displays message after reboot due to roaming profile: No token stor… Downloading RSA Authentication Manager license files or RSA Software token seed records RSA Release Notes for RSA Authentication Manager 8.8 RSA Authentication Manager 8.9 Release Notes (January 2026) How to configure RSA Authentication Manager 8.4 or later to send data to multiple remote syslog servers
