Class com.ibm.ws.security.saml.sso20.binding.BasicMessageContextTest

all > com.ibm.ws.security.saml.sso20.binding > BasicMessageContextTest
17

tests
0

failures
0

ignored
0.144s

duration
100%

successful

Tests

Test Duration Result
getCachedInfoRequestInfo 0.003s passed
getDecrypterNullTest 0.017s passed
getDecrypterTest 0.004s passed
getExternalRelayState 0.004s passed
getMetadataProviderTest 0.004s passed
getPeerEntityMetadataTest 0.004s passed
getSsoConfigTest 0.004s passed
getSsoServiceTest 0.003s passed
getUserDataIfReadyNullTest 0.004s passed
getUserDataIfReadyTest 0.015s passed
getValidateAssertionTest 0.004s passed
setAndRemoveCachedRequestInfoNullTest 0.007s passed
setAndRemoveCachedRequestInfoTest 0.010s passed
setIDPSSODescriptorIfEntityIsNullTest 0.036s passed
setIDPSSODescriptorTest 0.013s passed
setKeyDecrypterTest 0.005s passed
setValidateAssertionTest 0.007s passed

Standard output

    TrConfigZapper.zapTrConfig : start invoke init()
init: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@1f7c98ae
registerLoggerHandlerSingleton: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@1f7c98ae
captureSystemStreams: CurrentCOH is : com.ibm.websphere.ras.CapturedOutputHolder@1f7c98ae
    TrConfigZapper.zapTrConfig : finished invoke init()
    TrConfigZapper.zapTrConfig : start invoke init()
init: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@533c8c81
registerLoggerHandlerSingleton: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@533c8c81
captureSystemStreams: CurrentCOH is : com.ibm.websphere.ras.CapturedOutputHolder@533c8c81
    TrConfigZapper.zapTrConfig : finished invoke init()
    TrConfigZapper.zapTrConfig : start invoke init()
init: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@645cf9b8
registerLoggerHandlerSingleton: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@645cf9b8
captureSystemStreams: CurrentCOH is : com.ibm.websphere.ras.CapturedOutputHolder@645cf9b8
    TrConfigZapper.zapTrConfig : finished invoke init()
    TrConfigZapper.zapTrConfig : start invoke init()
init: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@811695fa
registerLoggerHandlerSingleton: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@811695fa
captureSystemStreams: CurrentCOH is : com.ibm.websphere.ras.CapturedOutputHolder@811695fa
    TrConfigZapper.zapTrConfig : finished invoke init()
    TrConfigZapper.zapTrConfig : start invoke init()
init: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@f2c61209
registerLoggerHandlerSingleton: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@f2c61209
captureSystemStreams: CurrentCOH is : com.ibm.websphere.ras.CapturedOutputHolder@f2c61209
    TrConfigZapper.zapTrConfig : finished invoke init()
    TrConfigZapper.zapTrConfig : start invoke init()
init: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@2727113e
registerLoggerHandlerSingleton: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@2727113e
captureSystemStreams: CurrentCOH is : com.ibm.websphere.ras.CapturedOutputHolder@2727113e
    TrConfigZapper.zapTrConfig : finished invoke init()
    TrConfigZapper.zapTrConfig : start invoke init()
init: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@c28a0465
registerLoggerHandlerSingleton: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@c28a0465
captureSystemStreams: CurrentCOH is : com.ibm.websphere.ras.CapturedOutputHolder@c28a0465
    TrConfigZapper.zapTrConfig : finished invoke init()
    TrConfigZapper.zapTrConfig : start invoke init()
init: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@95a6c7b0
registerLoggerHandlerSingleton: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@95a6c7b0
captureSystemStreams: CurrentCOH is : com.ibm.websphere.ras.CapturedOutputHolder@95a6c7b0
    TrConfigZapper.zapTrConfig : finished invoke init()
    TrConfigZapper.zapTrConfig : start invoke init()
init: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@b7e9ee68
registerLoggerHandlerSingleton: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@b7e9ee68
captureSystemStreams: CurrentCOH is : com.ibm.websphere.ras.CapturedOutputHolder@b7e9ee68
    TrConfigZapper.zapTrConfig : finished invoke init()
    TrConfigZapper.zapTrConfig : start invoke init()
init: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@cde1df14
registerLoggerHandlerSingleton: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@cde1df14
captureSystemStreams: CurrentCOH is : com.ibm.websphere.ras.CapturedOutputHolder@cde1df14
    TrConfigZapper.zapTrConfig : finished invoke init()
    TrConfigZapper.zapTrConfig : start invoke init()
init: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@11155966
registerLoggerHandlerSingleton: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@11155966
captureSystemStreams: CurrentCOH is : com.ibm.websphere.ras.CapturedOutputHolder@11155966
    TrConfigZapper.zapTrConfig : finished invoke init()
    TrConfigZapper.zapTrConfig : start invoke init()
init: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@4508bf04
registerLoggerHandlerSingleton: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@4508bf04
captureSystemStreams: CurrentCOH is : com.ibm.websphere.ras.CapturedOutputHolder@4508bf04
    TrConfigZapper.zapTrConfig : finished invoke init()
    TrConfigZapper.zapTrConfig : start invoke init()
init: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@6bd8b456
registerLoggerHandlerSingleton: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@6bd8b456
captureSystemStreams: CurrentCOH is : com.ibm.websphere.ras.CapturedOutputHolder@6bd8b456
    TrConfigZapper.zapTrConfig : finished invoke init()
    TrConfigZapper.zapTrConfig : start invoke init()
init: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@21f8badc
registerLoggerHandlerSingleton: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@21f8badc
captureSystemStreams: CurrentCOH is : com.ibm.websphere.ras.CapturedOutputHolder@21f8badc
    TrConfigZapper.zapTrConfig : finished invoke init()
    TrConfigZapper.zapTrConfig : start invoke init()
init: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@52c2e314
registerLoggerHandlerSingleton: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@52c2e314
captureSystemStreams: CurrentCOH is : com.ibm.websphere.ras.CapturedOutputHolder@52c2e314
    TrConfigZapper.zapTrConfig : finished invoke init()
    TrConfigZapper.zapTrConfig : start invoke init()
init: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@6cd32f56
registerLoggerHandlerSingleton: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@6cd32f56
captureSystemStreams: CurrentCOH is : com.ibm.websphere.ras.CapturedOutputHolder@6cd32f56
    TrConfigZapper.zapTrConfig : finished invoke init()
    TrConfigZapper.zapTrConfig : start invoke init()
init: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@b96a658f
registerLoggerHandlerSingleton: Did BaseTraceService.captureSystemStreams() already get excuted? : false. Current COH is com.ibm.websphere.ras.CapturedOutputHolder@b96a658f
captureSystemStreams: CurrentCOH is : com.ibm.websphere.ras.CapturedOutputHolder@b96a658f
    TrConfigZapper.zapTrConfig : finished invoke init()

Standard error

[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [correct_issuer] in the SAML assertion is not valid.
[ERROR   ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR   ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:155)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:128)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:322)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
	at org.junit.rules.RunRules.evaluate(RunRules.java:18)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:54)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:53)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
	at jdk.proxy1/jdk.proxy1.$Proxy4.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:183)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:132)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:103)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:63)
	at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:122)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:72)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element.  A [AudienceRestriction] element is required.  
[ERROR   ] CWWKS5057E: The NotBefore attribute [3025-03-19T12:25:11.800233177Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5058E: The NotOnOrAfter condition [1026-07-17T12:25:11.812600882Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 minutes.
[ERROR   ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR   ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR   ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty.  This condition is not allowed.
[ERROR   ] CWWKS5062E: The SessionNotOnOrAfter attribute [2025-11-16T12:22:11.881503419Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success.  Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR   ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR   ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5011E: The IssueInstant [3025-03-19T12:25:12.123587417Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.127Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:25:12.191420567Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.192Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:23:12.234896682Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.235Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:27:12.254350616Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.255Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:175)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:470)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:319)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [Subject] element.  A [Subject] element is required.  
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element.  A [AuthnStatement] element is required.  
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:382)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  java.base/java.lang.reflect.Method.invoke(Method.java:575)
    ....
].
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.xmlsec.encryption.support.DecryptionException]. Cause:[bad_assertion], StackTrace: [
  org.opensaml.saml.saml2.encryption.Decrypter.decrypt(Decrypter.java:109)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.decryptEncryptedAssertion(WebSSOConsumer.java:256)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testDecryptEncryptedAssertion_BadAssertion(WebSSOConsumerTest.java:423)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    ....
].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [correct_issuer] in the SAML assertion is not valid.
[ERROR   ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR   ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:155)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:128)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:322)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
	at org.junit.rules.RunRules.evaluate(RunRules.java:18)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:54)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:53)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
	at jdk.proxy1/jdk.proxy1.$Proxy4.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:183)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:132)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:103)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:63)
	at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:122)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:72)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element.  A [AudienceRestriction] element is required.  
[ERROR   ] CWWKS5057E: The NotBefore attribute [3025-03-19T12:25:11.800233177Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5058E: The NotOnOrAfter condition [1026-07-17T12:25:11.812600882Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 minutes.
[ERROR   ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR   ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR   ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty.  This condition is not allowed.
[ERROR   ] CWWKS5062E: The SessionNotOnOrAfter attribute [2025-11-16T12:22:11.881503419Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success.  Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR   ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR   ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5011E: The IssueInstant [3025-03-19T12:25:12.123587417Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.127Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:25:12.191420567Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.192Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:23:12.234896682Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.235Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:27:12.254350616Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.255Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:175)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:470)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:319)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [Subject] element.  A [Subject] element is required.  
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element.  A [AuthnStatement] element is required.  
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:382)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  java.base/java.lang.reflect.Method.invoke(Method.java:575)
    ....
].
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.xmlsec.encryption.support.DecryptionException]. Cause:[bad_assertion], StackTrace: [
  org.opensaml.saml.saml2.encryption.Decrypter.decrypt(Decrypter.java:109)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.decryptEncryptedAssertion(WebSSOConsumer.java:256)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testDecryptEncryptedAssertion_BadAssertion(WebSSOConsumerTest.java:423)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    ....
].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [correct_issuer] in the SAML assertion is not valid.
[ERROR   ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR   ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:155)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:128)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:322)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
	at org.junit.rules.RunRules.evaluate(RunRules.java:18)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:54)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:53)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
	at jdk.proxy1/jdk.proxy1.$Proxy4.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:183)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:132)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:103)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:63)
	at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:122)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:72)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element.  A [AudienceRestriction] element is required.  
[ERROR   ] CWWKS5057E: The NotBefore attribute [3025-03-19T12:25:11.800233177Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5058E: The NotOnOrAfter condition [1026-07-17T12:25:11.812600882Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 minutes.
[ERROR   ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR   ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR   ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty.  This condition is not allowed.
[ERROR   ] CWWKS5062E: The SessionNotOnOrAfter attribute [2025-11-16T12:22:11.881503419Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success.  Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR   ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR   ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5011E: The IssueInstant [3025-03-19T12:25:12.123587417Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.127Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:25:12.191420567Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.192Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:23:12.234896682Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.235Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:27:12.254350616Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.255Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:175)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:470)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:319)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [Subject] element.  A [Subject] element is required.  
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element.  A [AuthnStatement] element is required.  
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:382)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  java.base/java.lang.reflect.Method.invoke(Method.java:575)
    ....
].
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.xmlsec.encryption.support.DecryptionException]. Cause:[bad_assertion], StackTrace: [
  org.opensaml.saml.saml2.encryption.Decrypter.decrypt(Decrypter.java:109)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.decryptEncryptedAssertion(WebSSOConsumer.java:256)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testDecryptEncryptedAssertion_BadAssertion(WebSSOConsumerTest.java:423)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    ....
].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [correct_issuer] in the SAML assertion is not valid.
[ERROR   ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR   ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:155)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:128)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:322)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
	at org.junit.rules.RunRules.evaluate(RunRules.java:18)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:54)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:53)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
	at jdk.proxy1/jdk.proxy1.$Proxy4.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:183)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:132)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:103)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:63)
	at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:122)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:72)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element.  A [AudienceRestriction] element is required.  
[ERROR   ] CWWKS5057E: The NotBefore attribute [3025-03-19T12:25:11.800233177Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5058E: The NotOnOrAfter condition [1026-07-17T12:25:11.812600882Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 minutes.
[ERROR   ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR   ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR   ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty.  This condition is not allowed.
[ERROR   ] CWWKS5062E: The SessionNotOnOrAfter attribute [2025-11-16T12:22:11.881503419Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success.  Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR   ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR   ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5011E: The IssueInstant [3025-03-19T12:25:12.123587417Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.127Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:25:12.191420567Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.192Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:23:12.234896682Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.235Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:27:12.254350616Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.255Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:175)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:470)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:319)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [Subject] element.  A [Subject] element is required.  
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element.  A [AuthnStatement] element is required.  
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:382)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  java.base/java.lang.reflect.Method.invoke(Method.java:575)
    ....
].
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.xmlsec.encryption.support.DecryptionException]. Cause:[bad_assertion], StackTrace: [
  org.opensaml.saml.saml2.encryption.Decrypter.decrypt(Decrypter.java:109)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.decryptEncryptedAssertion(WebSSOConsumer.java:256)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testDecryptEncryptedAssertion_BadAssertion(WebSSOConsumerTest.java:423)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    ....
].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [correct_issuer] in the SAML assertion is not valid.
[ERROR   ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR   ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:155)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:128)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:322)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
	at org.junit.rules.RunRules.evaluate(RunRules.java:18)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:54)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:53)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
	at jdk.proxy1/jdk.proxy1.$Proxy4.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:183)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:132)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:103)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:63)
	at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:122)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:72)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element.  A [AudienceRestriction] element is required.  
[ERROR   ] CWWKS5057E: The NotBefore attribute [3025-03-19T12:25:11.800233177Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5058E: The NotOnOrAfter condition [1026-07-17T12:25:11.812600882Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 minutes.
[ERROR   ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR   ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR   ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty.  This condition is not allowed.
[ERROR   ] CWWKS5062E: The SessionNotOnOrAfter attribute [2025-11-16T12:22:11.881503419Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success.  Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR   ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR   ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5011E: The IssueInstant [3025-03-19T12:25:12.123587417Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.127Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:25:12.191420567Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.192Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:23:12.234896682Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.235Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:27:12.254350616Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.255Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:175)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:470)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:319)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [Subject] element.  A [Subject] element is required.  
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element.  A [AuthnStatement] element is required.  
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:382)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  java.base/java.lang.reflect.Method.invoke(Method.java:575)
    ....
].
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.xmlsec.encryption.support.DecryptionException]. Cause:[bad_assertion], StackTrace: [
  org.opensaml.saml.saml2.encryption.Decrypter.decrypt(Decrypter.java:109)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.decryptEncryptedAssertion(WebSSOConsumer.java:256)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testDecryptEncryptedAssertion_BadAssertion(WebSSOConsumerTest.java:423)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    ....
].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [correct_issuer] in the SAML assertion is not valid.
[ERROR   ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR   ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:155)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:128)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:322)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
	at org.junit.rules.RunRules.evaluate(RunRules.java:18)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:54)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:53)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
	at jdk.proxy1/jdk.proxy1.$Proxy4.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:183)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:132)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:103)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:63)
	at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:122)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:72)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element.  A [AudienceRestriction] element is required.  
[ERROR   ] CWWKS5057E: The NotBefore attribute [3025-03-19T12:25:11.800233177Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5058E: The NotOnOrAfter condition [1026-07-17T12:25:11.812600882Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 minutes.
[ERROR   ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR   ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR   ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty.  This condition is not allowed.
[ERROR   ] CWWKS5062E: The SessionNotOnOrAfter attribute [2025-11-16T12:22:11.881503419Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success.  Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR   ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR   ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5011E: The IssueInstant [3025-03-19T12:25:12.123587417Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.127Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:25:12.191420567Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.192Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:23:12.234896682Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.235Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:27:12.254350616Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.255Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:175)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:470)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:319)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [Subject] element.  A [Subject] element is required.  
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element.  A [AuthnStatement] element is required.  
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:382)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  java.base/java.lang.reflect.Method.invoke(Method.java:575)
    ....
].
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.xmlsec.encryption.support.DecryptionException]. Cause:[bad_assertion], StackTrace: [
  org.opensaml.saml.saml2.encryption.Decrypter.decrypt(Decrypter.java:109)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.decryptEncryptedAssertion(WebSSOConsumer.java:256)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testDecryptEncryptedAssertion_BadAssertion(WebSSOConsumerTest.java:423)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    ....
].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [correct_issuer] in the SAML assertion is not valid.
[ERROR   ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR   ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:155)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:128)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:322)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
	at org.junit.rules.RunRules.evaluate(RunRules.java:18)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:54)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:53)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
	at jdk.proxy1/jdk.proxy1.$Proxy4.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:183)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:132)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:103)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:63)
	at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:122)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:72)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element.  A [AudienceRestriction] element is required.  
[ERROR   ] CWWKS5057E: The NotBefore attribute [3025-03-19T12:25:11.800233177Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5058E: The NotOnOrAfter condition [1026-07-17T12:25:11.812600882Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 minutes.
[ERROR   ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR   ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR   ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty.  This condition is not allowed.
[ERROR   ] CWWKS5062E: The SessionNotOnOrAfter attribute [2025-11-16T12:22:11.881503419Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success.  Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR   ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR   ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5011E: The IssueInstant [3025-03-19T12:25:12.123587417Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.127Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:25:12.191420567Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.192Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:23:12.234896682Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.235Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:27:12.254350616Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.255Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:175)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:470)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:319)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [Subject] element.  A [Subject] element is required.  
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element.  A [AuthnStatement] element is required.  
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:382)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  java.base/java.lang.reflect.Method.invoke(Method.java:575)
    ....
].
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.xmlsec.encryption.support.DecryptionException]. Cause:[bad_assertion], StackTrace: [
  org.opensaml.saml.saml2.encryption.Decrypter.decrypt(Decrypter.java:109)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.decryptEncryptedAssertion(WebSSOConsumer.java:256)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testDecryptEncryptedAssertion_BadAssertion(WebSSOConsumerTest.java:423)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    ....
].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [correct_issuer] in the SAML assertion is not valid.
[ERROR   ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR   ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:155)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:128)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:322)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
	at org.junit.rules.RunRules.evaluate(RunRules.java:18)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:54)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:53)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
	at jdk.proxy1/jdk.proxy1.$Proxy4.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:183)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:132)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:103)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:63)
	at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:122)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:72)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element.  A [AudienceRestriction] element is required.  
[ERROR   ] CWWKS5057E: The NotBefore attribute [3025-03-19T12:25:11.800233177Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5058E: The NotOnOrAfter condition [1026-07-17T12:25:11.812600882Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 minutes.
[ERROR   ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR   ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR   ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty.  This condition is not allowed.
[ERROR   ] CWWKS5062E: The SessionNotOnOrAfter attribute [2025-11-16T12:22:11.881503419Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success.  Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR   ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR   ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5011E: The IssueInstant [3025-03-19T12:25:12.123587417Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.127Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:25:12.191420567Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.192Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:23:12.234896682Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.235Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:27:12.254350616Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.255Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:175)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:470)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:319)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [Subject] element.  A [Subject] element is required.  
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element.  A [AuthnStatement] element is required.  
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:382)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  java.base/java.lang.reflect.Method.invoke(Method.java:575)
    ....
].
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.xmlsec.encryption.support.DecryptionException]. Cause:[bad_assertion], StackTrace: [
  org.opensaml.saml.saml2.encryption.Decrypter.decrypt(Decrypter.java:109)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.decryptEncryptedAssertion(WebSSOConsumer.java:256)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testDecryptEncryptedAssertion_BadAssertion(WebSSOConsumerTest.java:423)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    ....
].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [correct_issuer] in the SAML assertion is not valid.
[ERROR   ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR   ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:155)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:128)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:322)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
	at org.junit.rules.RunRules.evaluate(RunRules.java:18)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:54)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:53)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
	at jdk.proxy1/jdk.proxy1.$Proxy4.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:183)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:132)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:103)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:63)
	at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:122)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:72)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element.  A [AudienceRestriction] element is required.  
[ERROR   ] CWWKS5057E: The NotBefore attribute [3025-03-19T12:25:11.800233177Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5058E: The NotOnOrAfter condition [1026-07-17T12:25:11.812600882Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 minutes.
[ERROR   ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR   ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR   ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty.  This condition is not allowed.
[ERROR   ] CWWKS5062E: The SessionNotOnOrAfter attribute [2025-11-16T12:22:11.881503419Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success.  Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR   ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR   ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5011E: The IssueInstant [3025-03-19T12:25:12.123587417Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.127Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:25:12.191420567Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.192Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:23:12.234896682Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.235Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:27:12.254350616Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.255Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:175)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:470)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:319)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [Subject] element.  A [Subject] element is required.  
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element.  A [AuthnStatement] element is required.  
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:382)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  java.base/java.lang.reflect.Method.invoke(Method.java:575)
    ....
].
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.xmlsec.encryption.support.DecryptionException]. Cause:[bad_assertion], StackTrace: [
  org.opensaml.saml.saml2.encryption.Decrypter.decrypt(Decrypter.java:109)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.decryptEncryptedAssertion(WebSSOConsumer.java:256)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testDecryptEncryptedAssertion_BadAssertion(WebSSOConsumerTest.java:423)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    ....
].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [correct_issuer] in the SAML assertion is not valid.
[ERROR   ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR   ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:155)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:128)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:322)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
	at org.junit.rules.RunRules.evaluate(RunRules.java:18)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:54)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:53)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
	at jdk.proxy1/jdk.proxy1.$Proxy4.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:183)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:132)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:103)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:63)
	at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:122)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:72)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element.  A [AudienceRestriction] element is required.  
[ERROR   ] CWWKS5057E: The NotBefore attribute [3025-03-19T12:25:11.800233177Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5058E: The NotOnOrAfter condition [1026-07-17T12:25:11.812600882Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 minutes.
[ERROR   ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR   ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR   ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty.  This condition is not allowed.
[ERROR   ] CWWKS5062E: The SessionNotOnOrAfter attribute [2025-11-16T12:22:11.881503419Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success.  Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR   ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR   ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5011E: The IssueInstant [3025-03-19T12:25:12.123587417Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.127Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:25:12.191420567Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.192Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:23:12.234896682Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.235Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:27:12.254350616Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.255Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:175)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:470)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:319)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [Subject] element.  A [Subject] element is required.  
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element.  A [AuthnStatement] element is required.  
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:382)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  java.base/java.lang.reflect.Method.invoke(Method.java:575)
    ....
].
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.xmlsec.encryption.support.DecryptionException]. Cause:[bad_assertion], StackTrace: [
  org.opensaml.saml.saml2.encryption.Decrypter.decrypt(Decrypter.java:109)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.decryptEncryptedAssertion(WebSSOConsumer.java:256)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testDecryptEncryptedAssertion_BadAssertion(WebSSOConsumerTest.java:423)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    ....
].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [correct_issuer] in the SAML assertion is not valid.
[ERROR   ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR   ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:155)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:128)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:322)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
	at org.junit.rules.RunRules.evaluate(RunRules.java:18)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:54)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:53)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
	at jdk.proxy1/jdk.proxy1.$Proxy4.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:183)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:132)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:103)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:63)
	at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:122)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:72)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element.  A [AudienceRestriction] element is required.  
[ERROR   ] CWWKS5057E: The NotBefore attribute [3025-03-19T12:25:11.800233177Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5058E: The NotOnOrAfter condition [1026-07-17T12:25:11.812600882Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 minutes.
[ERROR   ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR   ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR   ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty.  This condition is not allowed.
[ERROR   ] CWWKS5062E: The SessionNotOnOrAfter attribute [2025-11-16T12:22:11.881503419Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success.  Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR   ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR   ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5011E: The IssueInstant [3025-03-19T12:25:12.123587417Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.127Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:25:12.191420567Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.192Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:23:12.234896682Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.235Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:27:12.254350616Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.255Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:175)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:470)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:319)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [Subject] element.  A [Subject] element is required.  
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element.  A [AuthnStatement] element is required.  
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:382)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  java.base/java.lang.reflect.Method.invoke(Method.java:575)
    ....
].
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.xmlsec.encryption.support.DecryptionException]. Cause:[bad_assertion], StackTrace: [
  org.opensaml.saml.saml2.encryption.Decrypter.decrypt(Decrypter.java:109)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.decryptEncryptedAssertion(WebSSOConsumer.java:256)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testDecryptEncryptedAssertion_BadAssertion(WebSSOConsumerTest.java:423)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    ....
].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [correct_issuer] in the SAML assertion is not valid.
[ERROR   ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR   ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:155)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:128)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:322)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
	at org.junit.rules.RunRules.evaluate(RunRules.java:18)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:54)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:53)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
	at jdk.proxy1/jdk.proxy1.$Proxy4.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:183)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:132)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:103)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:63)
	at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:122)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:72)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element.  A [AudienceRestriction] element is required.  
[ERROR   ] CWWKS5057E: The NotBefore attribute [3025-03-19T12:25:11.800233177Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5058E: The NotOnOrAfter condition [1026-07-17T12:25:11.812600882Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 minutes.
[ERROR   ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR   ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR   ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty.  This condition is not allowed.
[ERROR   ] CWWKS5062E: The SessionNotOnOrAfter attribute [2025-11-16T12:22:11.881503419Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success.  Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR   ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR   ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5011E: The IssueInstant [3025-03-19T12:25:12.123587417Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.127Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:25:12.191420567Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.192Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:23:12.234896682Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.235Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:27:12.254350616Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.255Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:175)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:470)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:319)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [Subject] element.  A [Subject] element is required.  
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element.  A [AuthnStatement] element is required.  
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:382)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  java.base/java.lang.reflect.Method.invoke(Method.java:575)
    ....
].
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.xmlsec.encryption.support.DecryptionException]. Cause:[bad_assertion], StackTrace: [
  org.opensaml.saml.saml2.encryption.Decrypter.decrypt(Decrypter.java:109)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.decryptEncryptedAssertion(WebSSOConsumer.java:256)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testDecryptEncryptedAssertion_BadAssertion(WebSSOConsumerTest.java:423)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    ....
].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [correct_issuer] in the SAML assertion is not valid.
[ERROR   ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR   ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:155)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:128)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:322)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
	at org.junit.rules.RunRules.evaluate(RunRules.java:18)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:54)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:53)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
	at jdk.proxy1/jdk.proxy1.$Proxy4.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:183)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:132)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:103)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:63)
	at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:122)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:72)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element.  A [AudienceRestriction] element is required.  
[ERROR   ] CWWKS5057E: The NotBefore attribute [3025-03-19T12:25:11.800233177Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5058E: The NotOnOrAfter condition [1026-07-17T12:25:11.812600882Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 minutes.
[ERROR   ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR   ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR   ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty.  This condition is not allowed.
[ERROR   ] CWWKS5062E: The SessionNotOnOrAfter attribute [2025-11-16T12:22:11.881503419Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success.  Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR   ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR   ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5011E: The IssueInstant [3025-03-19T12:25:12.123587417Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.127Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:25:12.191420567Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.192Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:23:12.234896682Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.235Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:27:12.254350616Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.255Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:175)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:470)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:319)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [Subject] element.  A [Subject] element is required.  
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element.  A [AuthnStatement] element is required.  
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:382)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  java.base/java.lang.reflect.Method.invoke(Method.java:575)
    ....
].
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.xmlsec.encryption.support.DecryptionException]. Cause:[bad_assertion], StackTrace: [
  org.opensaml.saml.saml2.encryption.Decrypter.decrypt(Decrypter.java:109)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.decryptEncryptedAssertion(WebSSOConsumer.java:256)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testDecryptEncryptedAssertion_BadAssertion(WebSSOConsumerTest.java:423)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    ....
].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [correct_issuer] in the SAML assertion is not valid.
[ERROR   ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR   ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:155)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:128)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:322)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
	at org.junit.rules.RunRules.evaluate(RunRules.java:18)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:54)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:53)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
	at jdk.proxy1/jdk.proxy1.$Proxy4.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:183)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:132)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:103)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:63)
	at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:122)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:72)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element.  A [AudienceRestriction] element is required.  
[ERROR   ] CWWKS5057E: The NotBefore attribute [3025-03-19T12:25:11.800233177Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5058E: The NotOnOrAfter condition [1026-07-17T12:25:11.812600882Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 minutes.
[ERROR   ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR   ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR   ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty.  This condition is not allowed.
[ERROR   ] CWWKS5062E: The SessionNotOnOrAfter attribute [2025-11-16T12:22:11.881503419Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success.  Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR   ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR   ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5011E: The IssueInstant [3025-03-19T12:25:12.123587417Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.127Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:25:12.191420567Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.192Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:23:12.234896682Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.235Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:27:12.254350616Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.255Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:175)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:470)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:319)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [Subject] element.  A [Subject] element is required.  
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element.  A [AuthnStatement] element is required.  
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:382)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  java.base/java.lang.reflect.Method.invoke(Method.java:575)
    ....
].
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.xmlsec.encryption.support.DecryptionException]. Cause:[bad_assertion], StackTrace: [
  org.opensaml.saml.saml2.encryption.Decrypter.decrypt(Decrypter.java:109)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.decryptEncryptedAssertion(WebSSOConsumer.java:256)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testDecryptEncryptedAssertion_BadAssertion(WebSSOConsumerTest.java:423)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    ....
].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [correct_issuer] in the SAML assertion is not valid.
[ERROR   ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR   ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:155)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:128)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:322)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
	at org.junit.rules.RunRules.evaluate(RunRules.java:18)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:54)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:53)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
	at jdk.proxy1/jdk.proxy1.$Proxy4.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:183)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:132)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:103)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:63)
	at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:122)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:72)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element.  A [AudienceRestriction] element is required.  
[ERROR   ] CWWKS5057E: The NotBefore attribute [3025-03-19T12:25:11.800233177Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5058E: The NotOnOrAfter condition [1026-07-17T12:25:11.812600882Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 minutes.
[ERROR   ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR   ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR   ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty.  This condition is not allowed.
[ERROR   ] CWWKS5062E: The SessionNotOnOrAfter attribute [2025-11-16T12:22:11.881503419Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success.  Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR   ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR   ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5011E: The IssueInstant [3025-03-19T12:25:12.123587417Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.127Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:25:12.191420567Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.192Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:23:12.234896682Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.235Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:27:12.254350616Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.255Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:175)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:470)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:319)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [Subject] element.  A [Subject] element is required.  
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element.  A [AuthnStatement] element is required.  
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:382)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  java.base/java.lang.reflect.Method.invoke(Method.java:575)
    ....
].
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.xmlsec.encryption.support.DecryptionException]. Cause:[bad_assertion], StackTrace: [
  org.opensaml.saml.saml2.encryption.Decrypter.decrypt(Decrypter.java:109)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.decryptEncryptedAssertion(WebSSOConsumer.java:256)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testDecryptEncryptedAssertion_BadAssertion(WebSSOConsumerTest.java:423)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    ....
].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [correct_issuer] in the SAML assertion is not valid.
[ERROR   ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR   ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:155)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:128)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:322)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
	at org.junit.rules.RunRules.evaluate(RunRules.java:18)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:54)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:53)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
	at jdk.proxy1/jdk.proxy1.$Proxy4.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:183)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:132)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:103)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:63)
	at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:122)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:72)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element.  A [AudienceRestriction] element is required.  
[ERROR   ] CWWKS5057E: The NotBefore attribute [3025-03-19T12:25:11.800233177Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5058E: The NotOnOrAfter condition [1026-07-17T12:25:11.812600882Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 minutes.
[ERROR   ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR   ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR   ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty.  This condition is not allowed.
[ERROR   ] CWWKS5062E: The SessionNotOnOrAfter attribute [2025-11-16T12:22:11.881503419Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success.  Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR   ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR   ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5011E: The IssueInstant [3025-03-19T12:25:12.123587417Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.127Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:25:12.191420567Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.192Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:23:12.234896682Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.235Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:27:12.254350616Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.255Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:175)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:470)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:319)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [Subject] element.  A [Subject] element is required.  
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element.  A [AuthnStatement] element is required.  
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:382)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  java.base/java.lang.reflect.Method.invoke(Method.java:575)
    ....
].
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.xmlsec.encryption.support.DecryptionException]. Cause:[bad_assertion], StackTrace: [
  org.opensaml.saml.saml2.encryption.Decrypter.decrypt(Decrypter.java:109)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.decryptEncryptedAssertion(WebSSOConsumer.java:256)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testDecryptEncryptedAssertion_BadAssertion(WebSSOConsumerTest.java:423)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    ....
].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [unmatched format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [correct_issuer] in the SAML assertion is not valid.
[ERROR   ] CWWKS5048E: There is an error while verifying the SAML assertion Signature.
[ERROR   ] CWWKS5049E: The SAML assertion Signature is not trusted or is not valid. [org.opensaml.messaging.handler.MessageHandlerException: The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
	at com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateAssertion(SAMLMessageXMLSignatureSecurityPolicyRule.java:155)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidator.verifyAssertionSignature(AssertionValidator.java:128)
	at com.ibm.ws.security.saml.sso20.acs.AssertionValidatorTest.testVerifyAssertionSignature(AssertionValidatorTest.java:322)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.junit.runners.model.FrameworkMethod$1.runReflectiveCall(FrameworkMethod.java:45)
	at org.junit.internal.runners.model.ReflectiveCallable.run(ReflectiveCallable.java:15)
	at org.junit.runners.model.FrameworkMethod.invokeExplosively(FrameworkMethod.java:42)
	at org.junit.internal.runners.statements.InvokeMethod.evaluate(InvokeMethod.java:20)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at test.common.SharedOutputManager$1.evaluate(SharedOutputManager.java:622)
	at org.junit.rules.TestWatcher$1.evaluate(TestWatcher.java:47)
	at org.junit.rules.RunRules.evaluate(RunRules.java:18)
	at org.junit.runners.ParentRunner.runLeaf(ParentRunner.java:263)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:68)
	at org.junit.runners.BlockJUnit4ClassRunner.runChild(BlockJUnit4ClassRunner.java:47)
	at org.junit.runners.ParentRunner$3.run(ParentRunner.java:231)
	at org.junit.runners.ParentRunner$1.schedule(ParentRunner.java:60)
	at org.junit.runners.ParentRunner.runChildren(ParentRunner.java:229)
	at org.junit.runners.ParentRunner.access$000(ParentRunner.java:50)
	at org.junit.runners.ParentRunner$2.evaluate(ParentRunner.java:222)
	at org.junit.internal.runners.statements.RunBefores.evaluate(RunBefores.java:28)
	at org.junit.internal.runners.statements.RunAfters.evaluate(RunAfters.java:30)
	at org.junit.runners.ParentRunner.run(ParentRunner.java:300)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.runTestClass(JUnitTestClassExecutor.java:112)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:58)
	at org.gradle.api.internal.tasks.testing.junit.JUnitTestClassExecutor.execute(JUnitTestClassExecutor.java:40)
	at org.gradle.api.internal.tasks.testing.junit.AbstractJUnitTestClassProcessor.processTestClass(AbstractJUnitTestClassProcessor.java:54)
	at org.gradle.api.internal.tasks.testing.SuiteTestClassProcessor.processTestClass(SuiteTestClassProcessor.java:53)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:575)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:36)
	at org.gradle.internal.dispatch.ReflectionDispatch.dispatch(ReflectionDispatch.java:24)
	at org.gradle.internal.dispatch.ContextClassLoaderDispatch.dispatch(ContextClassLoaderDispatch.java:33)
	at org.gradle.internal.dispatch.ProxyDispatchAdapter$DispatchingInvocationHandler.invoke(ProxyDispatchAdapter.java:92)
	at jdk.proxy1/jdk.proxy1.$Proxy4.processTestClass(Unknown Source)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker$2.run(TestWorker.java:183)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.executeAndMaintainThreadName(TestWorker.java:132)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:103)
	at org.gradle.api.internal.tasks.testing.worker.TestWorker.execute(TestWorker.java:63)
	at org.gradle.process.internal.worker.child.ActionExecutionWorker.execute(ActionExecutionWorker.java:56)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:122)
	at org.gradle.process.internal.worker.child.SystemApplicationClassLoaderWorker.call(SystemApplicationClassLoaderWorker.java:72)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.run(GradleWorkerMain.java:69)
	at worker.org.gradle.process.internal.worker.GradleWorkerMain.main(GradleWorkerMain.java:74)
]
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [urn:oasis:names:tc:SAML:2.0:cm:holder-of-key] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKSS5065E: The Method attribute [null] for the SubjectConfirmationData element in the the SAML assertion is not supported.  The supported value is ["urn:oasis:names:tc:SAML:2.0:cm:bearer"].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AudienceRestriction] element.  A [AudienceRestriction] element is required.  
[ERROR   ] CWWKS5057E: The NotBefore attribute [3025-03-19T12:25:11.800233177Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5058E: The NotOnOrAfter condition [1026-07-17T12:25:11.812600882Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 minutes.
[ERROR   ] CWWKS5059E: The Conditions element in the SAML assertion contains an attribute [unknown_condition] that is not supported.
[ERROR   ] CWWKS5060E: The value [http://audience.ibm.com] for the Audience element in the SAML assertion is not valid. The expected value for the Audience element is [http://mx-gdl:8010/ibm/saml20/invalid_providerID].
[ERROR   ] CWWKS5052E: The [Audience] attribute on the [Conditions] element in the SAML assertion is missing or empty.  This condition is not allowed.
[ERROR   ] CWWKS5062E: The SessionNotOnOrAfter attribute [2025-11-16T12:22:11.881503419Z] is out of range. The current time is [11/16/25, 12:25 PM]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5008E: The SAML response from the identity provider (IdP) [https://idp.example.org/SAML2] has a status code other than Success.  Status code: [urn:oasis:names:tc:SAML:2.0:status:Invalid]. Status Message:[Invalid URI was found.].
[ERROR   ] CWWKS5010E: The SAML response contains a SAML Assertion version [1.1] that is not supported by the runtime. The required version is 2.0.
[ERROR   ] CWWKS5012E: The destination [http://test.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs] in the SAML response is not valid. The expected destination is [http://test.bad.gdl.mex.ibm.com:9080/ibm/saml20/SAML2/acs].
[ERROR   ] CWWKS5044E: The Issuer element in the SAML assertion has a Format attribute [invalid_format] that is not supported, the format must be omitted or set to [urn:oasis:names:tc:SAML:2.0:nameid-format:entity].
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5045E: The value for the Issuer element [https://idp.example.org/SAML2] in the SAML assertion is not valid.
[ERROR   ] CWWKS5011E: The IssueInstant [3025-03-19T12:25:12.123587417Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.127Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:25:12.191420567Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.192Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:23:12.234896682Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.235Z]. The current clock skew setting is 60 seconds.
[ERROR   ] CWWKS5011E: The IssueInstant [2025-11-16T12:27:12.254350616Z] in the SAML response is out of range. The current time is [2025-11-16T12:25:12.255Z]. The current clock skew setting is 0 seconds.
[ERROR   ] CWWKS5046E: There is an error while verifying the SAML response message Signature.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.messaging.handler.MessageHandlerException]. Cause:[The server is configured with the signature method http://www.w3.org/2001/04/xmldsig-more#rsa-sha512 but the received SAML assertion is signed with the signature method http://www.w3.org/2000/09/xmldsig#rsa-sha1, the signature method provided is weaker than the required.], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateSignatureMethod(SAMLMessageXMLSignatureSecurityPolicyRule.java:220)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluate(SAMLMessageXMLSignatureSecurityPolicyRule.java:202)
  com.ibm.ws.security.saml.sso20.acs.SAMLMessageXMLSignatureSecurityPolicyRule.evaluateProtocol(SAMLMessageXMLSignatureSecurityPolicyRule.java:175)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidator.verifyResponseSignature(ResponseValidator.java:582)
  com.ibm.ws.security.saml.sso20.acs.ResponseValidatorTest.testVerifyResponseSignature_ThrowsSecurityPolicyException(ResponseValidatorTest.java:470)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] CWWKS5041E: The expected RelayState parameter was not included in the SAML response message from the IdP.
[ERROR   ] Cannot process the request because SAML Response from the IdP is missing
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "org.opensaml.saml.saml2.core.Issuer.getFormat()" because "samlIssuer" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.internal.utils.MsgCtxUtil.validateIssuer(MsgCtxUtil.java:260)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateIssuer(AssertionValidator.java:98)
  com.ibm.ws.security.saml.sso20.acs.AssertionValidator.validateAssertion(AssertionValidator.java:74)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:110)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullIssuer(WebSSOConsumerTest.java:319)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    ....
].
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [Subject] element.  A [Subject] element is required.  
[ERROR   ] CWWKS5050E: The SAML assertion does not contain a [AuthnStatement] element.  A [AuthnStatement] element is required.  
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5009E: The SAML Response from Identity Provider [https://idp.example.org/SAML2] does not contain an assertion.
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [java.lang.NullPointerException]. Cause:[Cannot invoke "com.ibm.ws.security.saml.sso20.binding.BasicMessageContextBuilder.buildAcs(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse, com.ibm.ws.security.saml.SsoSamlService, java.lang.String, com.ibm.ws.security.saml.SsoRequest)" because "ctxBuilder" is null], StackTrace: [
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.handleSAMLResponse(WebSSOConsumer.java:75)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testHandleSAMLResponse_NullInstance(WebSSOConsumerTest.java:382)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
  java.base/java.lang.reflect.Method.invoke(Method.java:575)
    ....
].
[ERROR   ] CWWKS5007E: An internal server error occurred while processing SAML Web Single Sign-On (SSO) request [org.opensaml.xmlsec.encryption.support.DecryptionException]. Cause:[bad_assertion], StackTrace: [
  org.opensaml.saml.saml2.encryption.Decrypter.decrypt(Decrypter.java:109)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumer.decryptEncryptedAssertion(WebSSOConsumer.java:256)
  com.ibm.ws.security.saml.sso20.acs.WebSSOConsumerTest.testDecryptEncryptedAssertion_BadAssertion(WebSSOConsumerTest.java:423)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
  java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    ....
].