解決samlexception-inresponsetofield-of-the-response-doesnt-correspond-to-sent-mess

sp在校驗samlresponse 根據id在session中的samlrequestid 取出，二者進行對比，這裏若是作idp-init的話 能夠註釋掉。

1第一種方法 WebSSOProfileConsumerImpl 包名package org.springframework.security.saml.websso;

        // Verify response to field if present, set request if correct
        SAMLMessageStorage messageStorage = context.getMessageStorage();
        if (messageStorage != null && response.getInResponseTo() != null) {
            XMLObject xmlObject = messageStorage.retrieveMessage(response.getInResponseTo());
            if (xmlObject == null) {
                 //取消校驗saml Request
                //throw new SAMLException("InResponseToField of the Response doesn't correspond to sent message " + response.getInResponseTo());
            } else if (xmlObject instanceof AuthnRequest) {
                request = (AuthnRequest) xmlObject;
            } else {
                throw new SAMLException("Sent request was of different type than the expected AuthnRequest " + response.getInResponseTo());
            }
        }

若是你一邊使用域名，一邊使用ip的話也會報這個錯誤，最好統一使用域名，或者統一使用ip地址。