search cancel

Two Single Sign On (SSO) requests are causing site to throw a server error

book

Article ID: 174595

calendar_today

Updated On:

Products

Web Security Service - WSS

Issue/Introduction

A generic server error is being thrown while attempting to log in to a web site. In the .har file, there are two Single Sign On (SSO) requests.

Cause

SAML is trying to authenticate you before the browser sends your credentials. This double authentication causes the web server to block the sign on before either is finished, throwing a generic server error.

In the screenshot below, the blue "1" represents the username sent by SAML. The red "2" represents the credentials you entered into the site.

Environment

Web Security Service

Resolution

In your Web Security Service Portal, add the site to the Global Exemptions list for authentication:

  • Go to: Service > Authentication > Authentication Policy > Global Exemptions
  • Click "+ Add Auth Exemption"
    • Source: Any
    • Destination: <for this example, workjam.com>
  • Verdict will be Bypass Authentication
  • Click Activate

After exempting the site, you no longer receive an error, and only your entered credentials are sent to the site.

Attachments