ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

SAML Authentication is failing with "Access Denied" in th JWP log.

book

Article ID: 188126

calendar_today

Updated On:

Products

CA Automic Workload Automation - Automation Engine

Issue/Introduction

The SAML authentication is failing with the following error message in the JWP log:

=============================================================================================================
20200330/133818.168 - 41     U00045271 Checking SAML token for Single sign-on.
20200330/133818.934 - 41     U00045325 Received SAML token as '<samlp:Response>'
20200330/133818.965 - 41     U00045322 Assertion validation was successful. Starting with signature validation now.
20200330/133818.965 - 41     U00045318 No signature in SAML response found for destination 'https://casplda02:8443/ecc/'.
20200330/133818.965 - 41     U00000009 '&01': Access denied
=============================================================================================================

Cause

The issue is that the SAMLP response is not signed or does not have certificate. As shown below, the SAMLP response does not have any certificate in it. The certificate shown below is only for the SAML Assertion.

Environment

Release : 12.3

Component : AUTOMATION ENGINE

Resolution

Please turn on the IdP to make sure the SAMLP response is also signed.

Attachments