Thick Workstation client and SAML

book

Article ID: 141279

calendar_today

Updated On:

Products

INTROSCOPE

Issue/Introduction

The documentation for SAML configuration for APM covers which UIs it does support (WebView, Web Start Workstation, and Command Center) but does not mention the Thick / StandAlone Workstation Client.

Cause

If SAML is enabled by setting the following property value in the IntroscopeEnterpriseManager.properties file

introscope.saml.enable=true


then the Enterprise manager will always redirect to the SAML Idp for authentication. So even if multiple realms are defined in the realms.xml file these will only be accessed for authorization after authentication has succeeded. Therefore when using the Thick workstation client authentication will fail as there is no Web UI involved for SAML to work with.

Environment

APM 10.x

Resolution

The Thick / Standalone Workstation Client cannot be used when SAML is enabled.