xmldsig | Sign and verify digital signatures in native Python with RSA | Cryptography library

I am trying to setup a Custom SAML 2.0 application with AWS SSO. However I have the following error from network tab:

I'm trying use JKS XML signature in Lucee, but when test my code ocurring the follow error

cannot load class through its string name, because no definition for the class with the specified name [java.security.KeyStore.PasswordProtection] could be found caused by (java.lang.ClassNotFoundException:java.security.KeyStore.PasswordProtection;java.lang.ClassNotFoundException:java.security.KeyStore.PasswordProtection;)

Lucee "createObject" function does not imports java.security.KeyStore.PasswordProtection

My code:

I have a soap request in form of a Document (org.w3c.dom) which I want to sign according to this example that has been provided to me:

I want to build a site hosted with Spring Boot and I would like to use AWS SSO as the SAML identity provider for authentication. I have built a PoC application and tried to follow AWS configuration instructions and the Spring SAML examples I could find, but when I browse to my site (on localhost), AWS SSO successfully opens but then fails with "Bad Input".

In my PoC application (which only has code for the authentication and an index page) I have:

• added the spring-security-saml2-service-provider dependency (Spring Boot v2.6.2)
• set up a Custom Application in AWS SSO
• generated a private key and a self-signed certificate
• configured my application properties as follows:

We have a problem connecting keycloak (version 9) with an Active Directory IDP (version3) with SAML: the Azure IDP responds with an empty status response, although we have configured the response attibutes.

Sometimes it works, but most time it produces a login loop. As far as I could see, there is no login performed (no login screen) but the login information from the system is used. (Browseer is firefox)

The SAML response looks like this:

Webapp #1 has a button to webapp #2. When our users click that button, they should be redirected to webapp #2, and be automatically logged-in.

The integration is SAML, so webapp #1 (the IDP) sends a SAML "request" to webapp #2 (the SP), which returns a redirect URL, and webapp #1 redirects to it.

The SP gave me a URL to HTTP POST an assertion identifying the user via the "email" attribute, so I produced this:

I have this xml document in a file:

I am trying to obtain the attached file from the following response of a Soap with attachments response.

I built the SSO integration project, I will be as IDP identity provider and our third party will be as SP services provider.

I used this code https://github.com/OTA-Insight/djangosaml2idp to prepare my Idp. everything is ok and I already tested it by https://sptest.iamshowcase.com/. But I have a question how I can add claims to this generated metadata so that helps our SP use it?

here is the generated metadata file: