When setting up SAML for a ConnectALL installation that is front-ended by a proxy or gateway like Azure App Gateway, the following error is seen in the logs:
ERROR yyyy-MM-DD HH:mm:ss,SSS http-nio-8080-exec-6 org.opensaml.common.binding.decoding.BaseSAMLMessageDecoder - SAML message intended destination endpoint 'https://connectall.example.com/ConnectAll/saml/SSO' did not match the recipient endpoint 'http://localhost:8080/ConnectAll/saml/SSO'
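This is caused by a mismatch between the IdP's redirect URL and ConnectALL's configured URL. As the log line shows, the IdP addresses the response to the public URL, while ConnectALL, sitting behind the proxy, sees its own endpoint as http://localhost:8080/ConnectAll/saml/SSO.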
To fix this, modify your SamlConfiguration.properties file.
Add this line:
ca.base.url=https://connectall.example.com/ConnectAll
Then restart the UI service.
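The following diagnostic is an added example, not ConnectALL or OpenSAML code: it parses the error shown above, reports which URL components differ between the two endpoints, derives the ca.base.url value to set, and reads the current value from the properties file content. The function names, the sample properties content and the simplified key=value parsing are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Matches the OpenSAML decoder error quoted on this page.
MISMATCH = re.compile(
    r"intended destination endpoint '(?P<dest>[^']+)' "
    r"did not match the recipient endpoint '(?P<recv>[^']+)'"
)
SSO_SUFFIX = "/saml/SSO"  # endpoint path as it appears in the log line above


def diagnose(log_line):
    """Return both endpoints, the URL parts that differ, and a suggested ca.base.url."""
    m = MISMATCH.search(log_line)
    if m is None:
        return None
    dest, recv = urlsplit(m["dest"]), urlsplit(m["recv"])
    differs = [part for part in ("scheme", "hostname", "port", "path")
               if getattr(dest, part) != getattr(recv, part)]
    # Suggest a base URL only when the destination ends in the expected SSO path.
    suggestion = m["dest"][:-len(SSO_SUFFIX)] if m["dest"].endswith(SSO_SUFFIX) else None
    return {"destination": m["dest"], "recipient": m["recv"],
            "differs": differs, "suggested_base_url": suggestion}


def configured_base_url(properties_text):
    """Read ca.base.url from properties content (simplified: key=value lines only)."""
    value = None
    for raw in properties_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", "!")):
            continue  # skip blank lines and comments
        key, sep, val = line.partition("=")
        if sep and key.strip() == "ca.base.url":
            value = val.strip().rstrip("/")  # a later definition overrides an earlier one
    return value


# Constructed sample input: the log line from this page and a file without the fix.
SAMPLE_LOG = (
    "ERROR yyyy-MM-DD HH:mm:ss,SSS http-nio-8080-exec-6 "
    "org.opensaml.common.binding.decoding.BaseSAMLMessageDecoder - SAML message "
    "intended destination endpoint 'https://connectall.example.com/ConnectAll/saml/SSO' "
    "did not match the recipient endpoint 'http://localhost:8080/ConnectAll/saml/SSO'"
)
SAMPLE_PROPS = "# constructed sample\nsome.other.key=value\n"

if __name__ == "__main__":
    print(diagnose(SAMPLE_LOG))
    print("configured ca.base.url:", configured_base_url(SAMPLE_PROPS))
```

If the suggested value and the configured value still differ after the change, the error will persist until the UI service has been restarted with the corrected file.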
keywords: SSO okta