Project

General

Profile

Actions
Copy link

PartnerIssue #473

closed

DATEV Arbeitnehmer online PKI problem

Added by Tobias Wich over 7 years ago. Updated over 7 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
Detlef Hühnlein
Target version:
-
Start date:
08/02/2016
Due date:
% Done:

0%

Estimated time:

Description

The following is the SAML Response returned after trying to authenticate against the DATEV Arbeitnehmer online portal.

<?xml version="1.0" encoding="UTF-8"?>
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" 
                Destination="https://secure6.datev.de/saml/SAMLAssertionConsumer/an-online" 
                ID="_aad366c470a2fb24c2065e2632863aae" 
                InResponseTo="_67bb35ed-4542-46b2-b2e5-becccd516185" 
                IssueInstant="2016-08-02T08:05:29.574Z" 
                Version="2.0">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://npa.datev.de:443/</saml:Issuer>
    <samlp:Status>
        <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:AuthnFailed">
            <samlp:StatusCode Value="260"/>
        </samlp:StatusCode>
        <samlp:StatusMessage>
            Internes Konfigurationsproblem Berechtigungs-PKI: Unerwartete Rückmeldung möglicherweise wegen Konfigurationsfehler.
        </samlp:StatusMessage>
        <samlp:StatusDetail>
            <eid:debugInfo xmlns:eid="http://www.eid-service.de/eid/idcard/1.0">ReturnCode: e247fee3</eid:debugInfo>
        </samlp:StatusDetail>
    </samlp:Status>
</samlp:Response>

Files

legacy-switch-car.PNG (24.7 KB) legacy-switch-car.PNG Detlef Hühnlein, 08/02/2016 06:36 PM
Actions
Copy link
 #1

Updated by Detlef Hühnlein over 7 years ago

Problem was due to "wrong" setting of "legacy-switches". The eID-server obviously still needs the "CAR als String" switch.

Actions
Copy link

Also available in: Atom PDF