Bug ID 958773: [SAML SP] Assertion canonicalization fails if <AttributeValue> contains spaces.

Last Modified: Jan 19, 2023

Bug Tracker

Affected Product:  See more info
BIG-IP APM(all modules)

Known Affected Versions:
15.1.0,,,,,, 15.1.1, 15.1.2,, 15.1.3,, 15.1.4,, 15.1.5,, 15.1.6,, 15.1.7, 15.1.8,

Opened: Oct 26, 2020
Severity: 3-Major


In /var/log/apm [apmd]modules/Authentication/Saml/SamlSPAgent.cpp: 'verifyAssertionSignature()': 5883: Verification of SAML signature #1 failed [apmd]SAML Agent: /Common/xxxxxx failed to process signed assertion, error: Digest of SignedInfo mismatch


Verification of SAML signature fails.


SAML attribute values have double-byte spaces.


Remove double-byte spaces from SAML Attribute values (consult a vendor who populates SAML attribute values for advice on how to remove double-byte spaces).

Fix Information


Behavior Change