Problem

I am using JIRA or Confluence. In the SAML Single Sign process i will be redirected to the Identity Provider and successful authenticated. If I am returned from the Identitiy provider to JIRA/Confluence I get the error message:

Processing saml failed: com.resolution.samlprocessor.SAMLProcessorException: Assertion signature validation failed

Processing saml failed: com.resolution.samlprocessor.SAMLProcessorException: Neither Response or Assertion contains a valid signature

Solution

  1. The most occurring reason for this error is because the wrong token signing certificate is used. Please check if the right certificate from your Identity Provider is included in the "IdP Token Signing Certificate" field from your plugin configuration.

  2. It could be that your JIRA/Confluence system is using a wrong encoding e.g. "ANSI_X3.4-1968". You can check your System Encoding in the following way:
    • For JIRA: Choose the cog icon  → System → System info → System Encoding
    • For Confluence : Choose the cog icon  → General configuration → Encoding

With the wrong system encoding the certificate cant be decoded properly. As solution you can change your encoding back to the standard value "UTF-8" with follwing steps:

 For JIRA: 

    • On the <jira/-install>/bin (or <tomcat-home>/bin for JIRA WAR installations) directory, open the setenv.sh(Linux)/setenv.bat(Windows) file.
    • Add the line: JVM_SUPPORT_RECOMMENDED_ARGS="-Dfile.encoding=utf-8" and save it.
    • Restart JIRA.

For Confluence: 

    • Choose the cog icon , then choose General Configuration under Confluence Administration

    • Choose General Configuration in the left-hand panel.

    • Choose Edit.

    • Enter the "UTF-8" in the text box next to Encoding

    • Choose Save.