We Keep Coding

SAML error with Kubernetes: ‘InResponseToField of the Response doesn’t correspond to sent message’

I am having a recurring issue with shinyproxy (currently 2.5.0 - based on Springboot) hosted within a kubernetes cluster (currenty a single node). I'm using Auth0 with SAML. Traffic goes through a Nginx ingress controller that does TLS termination and has a fairly basic configuration. What I don't understand is that I will get the following error, but only once in a while. If I try to login, I will get the error, but then after that, if I go back to the login page and try to log in again, everything works fine.
o.s.security.saml.log.SAMLDefaultLogger : AuthNResponse;FAILURE;[Auth0 URN];;;org.opensaml.common.SAMLException: InResponseToField of the Response doesn't correspond to sent message a12g399012cidi7i2i3ha3ha4h6e6jc
at org.springframework.security.saml.websso.WebSSOProfileConsumerImpl.processAuthenticationResponse(WebSSOProfileConsumerImpl.java:175)
at org.springframework.security.saml.SAMLAuthenticationProvider.authenticate(SAMLAuthenticationProvider.java:88)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:199)
at org.springframework.security.authentication.ProviderManager.authenticate(ProviderManager.java:219)
...
This made me think of a cookies problem, however adjusting the shinyproxy server/proxy configuration for cookies did not change anything. Shinyproxy configuration has:
server:
secure-cookies: true
proxy:
same-site-cookie: None
In the browser when I try to log in I get the following error message:
Error
Status code: 200
Message: Error validating SAML message
Stack Trace:
org.springframework.security.authentication.AuthenticationServiceException: Error validating SAML message
...
Anyone has an idea of what I am missing? I would really appreciate it! Thank you!

Cannot access wso2is.local:port:/carbon, can access via IP:port:/carbon

I've been attempting to set up service and identity providers within wso2is. I've been following the documentation, using the 'travelocity' sample. After having configured inbound authentication with SAML2 Web SSO (from the following documentation: https://docs.wso2.com/display/IS580/Adding+and+Configuring+a+Service+Provider#AddingandConfiguringaServiceProvider-SAML-SSOConfiguringinboundauthenticationwithSAML2WebSSO )
I've attempted to reconfigure the service providers, but the errors I get whenever I try and access ':/travelocity.com' from a remote workstation in Chrome are as follows;
using https://:8080/travelocity.com
/ Error 405 - Method Not Allowed
using https://wso2is.local:9443/travelocity.com
/ "This site can’t be reached wso2is.local’s server IP address could not be found.
DNS_PROBE_FINISHED_NXDOMAIN"
Same result without https.
using https://:9443/travelocity.com
/ "Error 405 - Method Not Allowed"
using https://wso2is.local:8080/travelocity.com
/ "This site can’t be reached wso2is.local’s server IP address could not be found.
DNS_PROBE_FINISHED_NXDOMAIN"
Same result without https.
using http://:9443/travelocity.com
/ " sent an invalid response.
ERR_INVALID_HTTP_RESPONSE"
using http://:8080/travelocity.com
/ Returns apache's default 404 page.
I'm looking for suggestions or advice, as this my first attempt at configuring a wso2is enviroment.

using https://:8080/travelocity.com / Error 405 - Method Not Allowed
This occurs because you havent specified the host.
Open etc/host file. add the following line and try the flow again.
127.0.0.1 wso2is.local
Otherwise, just try with https://localhost:8080/travelocity.com
For more information please refer
https://docs.wso2.com/display/IS580/Configuring+Single+Sign-On

Amazon command line tool http error

I have amazon command line tool to post HITs to Mturk. But there seems to be a problem with the mturk URL in mturk.properties. It keeps asking for https.
I searched for the solution in aws forums, with most stating simply change the URL from http to https. I have tried and get the following error
An error occurred while fetching your balance: >javax.net.ssl.SSLPeerUnverifiedException: HTTPS hostname invalid: expected >'176.32.98.23', received 'mechanicalturk.amazonaws.com'

How to send a webservice request in jmeter to https rather than http

I have created a new project using the template 'Building a SOAP WebService Test Plan' in jmeter (followed the steps in the tutorial from the apache jmeter website to set this up). The responses aren't being accepted and in the results log I am seeing the message:
1446205258738,20995,Soap Request,Non HTTP response code: org.apache.http.conn.HttpHostConnectException,Non HTTP response message: Connection to http://(server name).com refused,Number of Users 1-10,text,false,2273,1,1,0
It's making the connection to http rather than https which I think is why the connection is not being made. Is there anyway to change this? I've tried using the different implementations in the soap request but this hasn't worked, currently using HttpClient4.
Please see the http request details
HTTP REQUEST DETAILS

As per #Rage answer (who should answer in response not comment , I'll be happy to remove my answer if he does), just change :
Protocol [http] value to https
See:
As per your last comment, you modified to https and now you face another issue , getting a 404.
So most probably your Path or Server Name or IP are wrong, as the hoster or developer for the correct connection informations.

wsimport with special character and Xauthfile

I'm facing the same problem that this guy here:
wsimport Xauthfile error
Since he didn't gave a feedback and I'm new here and can't ask him if he solved his problem I'm opening a new question.
I'm using ubuntu and have JDK7 from java oracle installed.
I'm consuming a thirdparty web service. The password (...GT##ED...) for the webservice have a character that conflicts with de -Xauthfile syntax (http[s]://user:password#host:port//) because of the "#". The dots (...) represents the rest of my password.
Here is the command I'm running:
wsimport -p loa -Xauthfile "path_to_auth.txt" https://myWS?wsdl
In my auth.txt file I have:
https://user:...GT##ED...#myWS?wsdl
In return a get
parsing WSDL...
[ERROR] Server returned HTTP response code: 401 for URL: https://myWS?wsdl,
"https://myWS?wsdl" needs authorization, please provide authorization file with
read access at /home/user_name/.metro/auth or use -Xauthfile to give the
authorization file and on each line provide authorization information using this
format : http[s]://user:password#host:port//<url-path>
I search all over the net, but no success.
When I try to import the WS using SoapUI like in this tutorial I got a
[ERROR] sun.security.validator.ValidatorException: PKIX path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid
certification path to requested target
and I don't know where to specify the ssl file for SoapUI. I tryed in
preferences -> SSL Settings
but no lucky.
That's it. I'll apreciate any help.
EDIT
OK, so I pass through the authorization, changing the characters using the HTML URL Encoding Reference, but now I'm getting the following error
[ERROR] Server redirected too many times (20), "https://ws?wsdl" needs
authorization, please provide authorization file with read access at /home/user
/.metro/auth or use -Xauthfile to give the authorization file and on each line
provide authorization information using this format :
http[s]://user:password#host:port//<url-path>

I am using Apache axis2 instead of wsimport. first this problem happened for me, and I write a bash script and it worked.
#!/bin/bash
/axis2-1.7.9/bin/wsdl2java.sh -uri http://username:password#domain/x?wsdl
I also use encoding password and username by 'url encoding' such as bellow:
##%g3E99! -(URL encoding)-> %40%23%25g3E99%21

First create auth.txt file where you need to put the following and save it in C drive:
http://username:password#localhost:port/wsdlurl
Now run the following command:
wsimport -Xauthfile C:\auth.txt -keep http://example.com/test?wsdl
This worked for me.