App Control: SAML Login Fails After Upgrade to Server 8.10.2
search cancel

App Control: SAML Login Fails After Upgrade to Server 8.10.2

book

Article ID: 286601

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

  • After completing authentication with the Identity Provider (IdP) an HTTP Error 500 is encountered on the URL:
    https://ServerAddress/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp
  • Errors in the PHPErrors log similar to:
    PHP Fatal error:  Uncaught Error: Class "SimpleSAML\Error\Assertion" not found in C:\Program Files (x86)\Bit9\Parity Console\WebUI\simplesamlphp\www\_include.php:7
    Stack trace:
    #0 C:\Program Files (x86)\Bit9\Parity Console\WebUI\simplesamlphp\www\module.php(8): require_once()
    #1 {main}
      thrown in C:\Program Files (x86)\Bit9\Parity Console\WebUI\simplesamlphp\www\_include.php on line 7
    

Environment

  • App Control Server: 8.10.2
  • SAML Integration

Cause

This issue was tracked and investigated under EA-24309.

Resolution

This issue was addressed with the release of Server 8.10.4 (EP-20492).

Additional Information

Previously the workaround to restore SAML was:
  1. Log in to the application server hosting the Console as the Carbon Black Service Account.
  2. Use an administrative command prompt to issue the following two commands:
    C:\WINDOWS\sysWOW64\inetsrv\appcmd.exe delete vdir /vdir.name:"Parity Console Web"/"SimpleSAML"
    C:\WINDOWS\sysWOW64\inetsrv\appcmd.exe add vdir /app.name:"Parity Console Web/" /path:/SimpleSAML /physicalPath:"C:\Program Files (x86)\Bit9\Parity Console\WebUI\simplesamlphp\public"