App Control: SSO Integration Fails on SAML2:ns2 formatting
search cancel

App Control: SSO Integration Fails on SAML2:ns2 formatting

book

Article ID: 290271

calendar_today

Updated On:

Products

Carbon Black App Control (formerly Cb Protection)

Issue/Introduction

SSO login fails.

Environment

  • App Control (Formerly CB Protection) server: 8.1+
  • IDP: SAML2

Cause

Assertion XML shows:
 
"saml": 
"<Response xmlns=\"urn:oasis:names:tc:SAML:2.0:protocol\" Destination=\"..../default-sp\" ID=\"...\" IssueInstant=\"2020-02-05T15:19:48Z\" Version=\"2.0\">\n
 <ns1:Issuer xmlns:ns1=\"urn:oasis:names:tc:SAML:2.0:assertion\" Format=\"urn:oasis:names:tc:SAML:2.0:nameid-format:entity\">...</ns1:Issuer>\n 
<Status>\n <StatusCode Value=\"urn:oasis:names:tc:SAML:2.0:status:Success\"/>\n </Status>\n 
<ns2:Assertion xmlns:ns2=\"urn:oasis:names:tc:SAML:2.0:assertion\" ID=\"....\" IssueInstant=\"2020-02-05T15:19:48Z\" Version=\"2.0\">\n <ns2:Issuer Format=\"urn:oasis:names:tc:SAML:2.0:nameid-format:entity\">...</ns2:Issuer>...
 </ns2:Attribute>\n </ns2:AttributeStatement>\n </ns2:Assertion>\n</Response>"

Resolution

SAML2:ns2 formatting is currently not supported. The fix is being tracked on bug EP-10412.