SiteMinder: Users cannot log in using SAML after environment upgrade

Article ID: 265626

Products

SITEMINDER

Issue/Introduction

Users cannot log in using SAML after the environment was upgraded.

Environment

Release : 12.8.07

Cause

GTWY: Federation

Based on analysis of the logs, the findings are as follows.

FWS Trace logs

[05/04/2023][09:39:10][760802][140478081058560][28e178f7-3f5062a3-b3656fa8-5c94f295-f5f5427c-67][AssertionConsumer.java][processSAMLResponse][Redirecting user to target url [CHECKPOINT = SSOSAML2_REDIRECTUSERTARGETURL_REQ]]
[05/04/2023][09:39:10][760802][140478081058560][28e178f7-3f5062a3-b3656fa8-5c94f295-f5f5427c-67][AssertionConsumer.java][handleUserRedirection][Enter: handleUserRedirection]
[05/04/2023][09:39:10][760802][140478081058560][28e178f7-3f5062a3-b3656fa8-5c94f295-f5f5427c-67][AssertionConsumer.java][redirectUser][
redirectMode: 3]
[05/04/2023][09:39:10][760802][140478081058560][28e178f7-3f5062a3-b3656fa8-5c94f295-f5f5427c-67][AssertionConsumer.java][redirectUser][Redirecting the user to https://gestestest.popso.it/TesoWeb/sso/saml using '302 No Data' redirect mode.]
[05/04/2023][09:39:10][760802][140478081058560][28e178f7-3f5062a3-b3656fa8-5c94f295-f5f5427c-67][AssertionConsumer.java][doPost][
   processSAMLResponse TIME: 245ms]

Policy Server trace

[05/04/2023][11:39:11.088][139677227017984][][][][SmAuthorization.cpp:642][CSmAz::IsProtected][][][][/login/webfonts/titilliumweb/titilliumweb-regular.ttf][][Not Protected: No matching rules found for resource.][][][][][][][][][]
[05/04/2023][11:39:11.088][139677227017984][][][][SmAuthorization.cpp:644][CSmAz::IsProtected][][][][][][Leave function CSmAz::IsProtected][][][][][][][][][]
[05/04/2023][11:39:11.088][139677227017984][][][][Sm_Az_Message.cpp:412][CSm_Az_Message::SendReply][][][][][][Enter function CSm_Az_Message::SendReply][][][][][][][][][]
[05/04/2023][11:39:11.088][139677227017984][s2166/r675][][][Sm_Az_Message.cpp:837][CSm_Az_Message::FormatAttribute][ag_gestestest][][][][][Send response attribute 146, data size is 0][][][][][][][][][]
[05/04/2023][11:39:11.088][139677227017984][s2166/r675][][][Sm_Az_Message.cpp:837][CSm_Az_Message::FormatAttribute][ag_gestestest][][][][][Send response attribute 147, data size is 0][][][][][][][][][]
[05/04/2023][11:39:11.088][139677227017984][s2166/r675][][][Sm_Az_Message.cpp:607][CSm_Az_Message::SendReply][ag_gestestest][][][][][** Status: Not Protected. ][][][][][][][][][]

According to the FWS trace logs, the redirection to the target URL succeeds, but from the agent's perspective the status of the realm is Not Protected.
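
An added example (not part of the original article and not vendor code): a Python script that scans a Policy Server trace for "Not Protected" replies and pairs each one with the agent name and the resource that was evaluated, correlating lines by thread ID. The field positions are taken from the excerpt above and are an assumption, since trace layouts are configurable.

```python
import re

FIELD = re.compile(r"\[([^\]]*)\]")
# Column positions as they appear in the Policy Server excerpt above.
# Assumption: your trace uses the same layout; adjust the indexes if not.
TIME, TID, FUNC, AGENT, RESOURCE, MSG = 1, 2, 7, 8, 11, 13

# Three lines copied from the Policy Server trace shown above.
SAMPLE = """\
[05/04/2023][11:39:11.088][139677227017984][][][][SmAuthorization.cpp:642][CSmAz::IsProtected][][][][/login/webfonts/titilliumweb/titilliumweb-regular.ttf][][Not Protected: No matching rules found for resource.][][][][][][][][][]
[05/04/2023][11:39:11.088][139677227017984][s2166/r675][][][Sm_Az_Message.cpp:837][CSm_Az_Message::FormatAttribute][ag_gestestest][][][][][Send response attribute 146, data size is 0][][][][][][][][][]
[05/04/2023][11:39:11.088][139677227017984][s2166/r675][][][Sm_Az_Message.cpp:607][CSm_Az_Message::SendReply][ag_gestestest][][][][][** Status: Not Protected. ][][][][][][][][][]
"""

def parse(line):
    """Split one bracket-delimited trace line into fields, or return None."""
    fields = FIELD.findall(line)
    return fields if len(fields) > MSG else None

def not_protected(lines):
    """Return one record per 'Not Protected' reply: time, agent, resource, reason."""
    pending = {}  # thread id -> (resource, reason) from the latest IsProtected line
    hits = []
    for line in lines:
        f = parse(line)
        if f is None:
            continue
        if f[FUNC] == "CSmAz::IsProtected" and f[RESOURCE]:
            # The resource and the reason are logged before the reply is sent.
            pending[f[TID]] = (f[RESOURCE], f[MSG])
        elif f[FUNC].endswith("::SendReply") and "Status: Not Protected" in f[MSG]:
            # The reply line carries the agent name; join it on the thread id.
            resource, reason = pending.pop(f[TID], ("", ""))
            hits.append({"time": f[TIME], "agent": f[AGENT],
                         "resource": resource, "reason": reason})
    return hits

if __name__ == "__main__":
    for h in not_protected(SAMPLE.splitlines()):
        print(f'{h["time"]}  agent={h["agent"]}  resource={h["resource"]}  ({h["reason"]})')
```
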

Resolution

Resolution Steps

The security zones configured in the ACO and in the localconfig file did not match. Correcting the security zones so that they match resolved the issue.