Overview
You get this error:
SECU9050: Cannot confirm subject of assertion of Name Identifier
when testing your secured service with SoapUI by adding the token assertion returned by the login operation to the request header.
The service is secured by implementing SSO to a Service Group using SAML 1.1 provider having a self-signed certificate added to the Trusted Certificate Authorities in AMS and to the Key Certificate configurations on Intermediary. Your Access Point contract has WS-SecurityPolicy 1.1. Security Contract using the mentioned certificate. The Service Group uses HTTPS Listener.
Solution
When doing the SAML 1.1 assertion you get this error because you are copying the pretty print response from the XML view of the SOAP UI Request Editor.
You need to copy the assertion from the RAW view.
Note: There is a known defect registered (ACTA-61316) about SAML 2.0 assertion generation failing. Currently, we do not have an ETA for the fix, so you will need to use SAML 1.1 for such security configurations.
<supportagent>
Agent-only: you can check the status of the defect here: ACTA-61316
</supportagent>