SAML error when using a reverse proxy or gateway for ConnectALL
search cancel

SAML error when using a reverse proxy or gateway for ConnectALL

book

Article ID: 387104

calendar_today

Updated On:

Products

ConnectAll On-Prem ConnectALL

Issue/Introduction

When setting up SAML for a ConnectALL installation that is front-ended by a proxy or gateway like Azure App Gateway, the following error is seen in the logs:

ERROR yyyy-MM-DD HH:mm:ss,SSS http-nio-8080-exec-6 org.opensaml.common.binding.decoding.BaseSAMLMessageDecoder - SAML message intended destination endpoint 'https://connectall.example.com/ConnectAll/saml/SSO' did not match the recipient endpoint 'http://localhost:8080/ConnectAll/saml/SSO'

 

Cause

This is caused due to a mismatch between the IdP's redirect URL and ConnectALL's configured URL.

Resolution

Modify your SamlConfiguration.properties file

Add this line:

ca.base.url=https://connectall.example.com/ConnectAll

Restart the UI service

 

Additional Information

keywords: SSO okta