matt wrote:

>
> Has anyone seen an error like this before right after a SAML Post to
> the IdP:
>
> Warning: Invalid resource key: Signature length not correct: got 128
> but was expecting 256. No prefix!
> Warning: Invalid resource key: Signature length not correct: got 128
> but was expecting 256. No prefix!
> <amLogEntry> 2014-01-17T15:32:42Z INFO NIDS IDFF: AM#500106006:
> AMDEVICEID#EDAAAF41FA680100: Validation failure on message from
> payreview.
> ehr.com : Signature length not correct: got 128 but was expecting 256
> </amLogEntry>
>
>
> I have an app that worked fine under AM 3.1, doing SAML using the
> Artifact method (so the SP directly posts a request to the IdP). Just
> tried switching to a new 4.0 IdP and I get this error. There is a new
> cert being used to generate the signature now (updated in the
> metadata), but this happens no matter what I put in there. I don't
> think the signature is ever even attempted to be validated.


A bit of googling would make me thing this is caused by jave 1.7 that
comes with NAM4 (and 3.2 sp2). NAM 3.1 uses java 1.6. Java 1.7 has
additional security stuff enabled so that is probably causing this. I
found this https://community.oracle.com/message/10700373 and comment #8
would make think that this is caused by but then again, I don't know
what the incoming request looks like.

My suggestion is to open a SR and explain NTS that this SP worked with
NAM 3.1 and not with 4.0.


--
Cheers,
Edward