Two Single Sign On (SSO) requests are causing site to throw a server error

search cancel

Two Single Sign On (SSO) requests are causing site to throw a server error

book

Article ID: 174595

calendar_today

Updated On:

Products

Cloud Secure Web Gateway - Cloud SWG

Issue/Introduction

A generic server error is being thrown while attempting to log in to a web site. In the .har file, there are two Single Sign On (SSO) requests.

Environment

Web Security Service

Cause

SAML is trying to authenticate you before the browser sends your credentials. This double authentication causes the web server to block the sign on before either is finished, throwing a generic server error.

In the screenshot below, the blue "1" represents the username sent by SAML. The red "2" represents the credentials you entered into the site.

Resolution

In your Web Security Service Portal, add the site to the Global Exemptions list for authentication:

Go to: Service > Authentication > Authentication Policy > Global Exemptions
Click "+ Add Auth Exemption"
- Source: Any
- Destination: <for this example, workjam.com>
Verdict will be Bypass Authentication
Click Activate

After exempting the site, you no longer receive an error, and only your entered credentials are sent to the site.

Attachments

Feedback

thumb_up Yes

thumb_down No