Problem

I am using JIRA Data Center / Server or Confluence Data Center / Server. In the SAML Single Sign process i will be redirected to the Identity Provider and successful authenticated. If I am returned from the Identitiy provider to JIRA / Confluence I get the error message:

Processing saml failed: com.resolution.samlprocessor.SAMLProcessorException: Assertion signature validation failed

Processing saml failed: com.resolution.samlprocessor.SAMLProcessorException: Neither Response or Assertion contains a valid signature

Solution

  1. The most occurring reason for this error is because the wrong token signing certificate is used. Please check if the right certificate from your Identity Provider is included in the "IdP Token Signing Certificate" field from your plugin configuration.

  2. It could be that your JIRA / Confluence system is using a wrong encoding e.g. "ANSI_X3.4-1968". You can check your System Encoding in the following way:
    • For JIRA Data Center / Server: Choose the cog icon  → System → System info → System Encoding
    • For Confluence Data Center / Server : Choose the cog icon  → General configuration → Encoding

With the wrong system encoding the certificate cant be decoded properly. As solution you can change your encoding back to the standard value "UTF-8" with following steps:

 For JIRA Data Center / Server: 

    • On the <jira/-install>/bin (or <tomcat-home>/bin for JIRA WAR installations) directory, open the setenv.sh(Linux)/setenv.bat(Windows) file.
    • Add the line: JVM_SUPPORT_RECOMMENDED_ARGS="-Dfile.encoding=utf-8" and save it.
    • Restart JIRA.

For Confluence Data Center / Server: 

    • Choose the cog icon , then choose General Configuration under Confluence Administration

    • Choose General Configuration in the left-hand panel.

    • Choose Edit.

    • Enter the "UTF-8" in the text box next to Encoding

    • Choose Save.