SAML Authentication is failing with "Access Denied" in th JWP log.
search cancel

SAML Authentication is failing with "Access Denied" in th JWP log.

book

Article ID: 188126

calendar_today

Updated On:

Products

CA Automic Workload Automation - Automation Engine

Issue/Introduction

The SAML authentication is failing with the following error message in the JWP log:

=============================================================================================================
    U00045271 Checking SAML token for Single sign-on.
    U00045325 Received SAML token as '<samlp:Response>'
    U00045322 Assertion validation was successful. Starting with signature validation now.
     U00045318 No signature in SAML response found for destination 'https://xxxxxx:8443/yyy/'.
     U00000009 '&01': Access denied
=============================================================================================================

Environment

Release : 12.3, 21.x

Component : AUTOMATION ENGINE

Cause

The issue is that the SAMLP response is not signed or does not have certificate. As shown below, the SAMLP response does not have any certificate in it. The certificate shown below is only for the SAML Assertion.

Resolution

Please ask the System Administrator to turn on the identity provide(IdP) to make sure the SAMLP response is also signed. An IdP is a service that stores and verifies user identity.

Additional Information

If using Azure, make sure the signing option is set to sign both assertion and response.

 

Powered by Wolken Software