OpenAM SAML Configuration as Service Provider and Session/Browser

Tagged: 

This topic contains 1 reply, has 1 voice, and was last updated by  Vani 1 week, 4 days ago.

  • Author
    Posts
  • #25363
     Vani 
    Participant

    Hello,
    I have question regarding SAML authenticaiton and Browser/Session.

    I have configured openam instance realm ‘samlsp’ as a service provider and integrated with IdentityProvider.
    Realm Organization Authentication Configuration is configured to use SAML Authentication Module.
    No LoadBalancer and Only 1 openam instance configured.

    When we open a new browser ( any IE/FF/Chrome) and enter login url for SAML configured realm.

    http://<…>:8080/openam/XUI/#login/samlsp

    and wait for IDP Login Page to load with configured IDP Login page —> Don’t login.

    NOW: try to open new TAB in same browser OR open new window ( not incognito) and reenter :

    http://<…>:8080/openam/XUI/#login/samlsp

    This new tab or browser fails with ‘Unable to link local user to remote user’ with constantly ‘Loading…’ page.

    Where as in first browser where Login page was loaded, if we try to login now it fails with :

    HTTP Status 500 – Internal Server Error
    Type Exception Report

    Message AMSetupFilter.doFilter

    Description The server encountered an unexpected condition that prevented it from fulfilling the request.

    Exception

    javax.servlet.ServletException: AMSetupFilter.doFilter
    com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:135)
    org.forgerock.openam.audit.context.AuditContextFilter.doFilter(AuditContextFilter.java:51)
    Root Cause

    org.apache.jasper.JasperException: java.lang.IllegalStateException: Request not valid!
    org.apache.jasper.servlet.JspServletWrapper.handleJspException(JspServletWrapper.java:565)
    org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:476)
    org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:385)
    org.apache.jasper.servlet.JspServlet.service(JspServlet.java:329)
    javax.servlet.http.HttpServlet.service(HttpServlet.java:742)
    org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
    org.forgerock.openam.cors.CORSFilter.doFilter(CORSFilter.java:120)
    org.forgerock.openam.validation.ResponseValidationFilter.doFilter(ResponseValidationFilter.java:44)
    com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:106)
    org.forgerock.openam.audit.context.AuditContextFilter.doFilter(AuditContextFilter.java:51)
    Root Cause

    java.lang.IllegalStateException: Request not valid!
    org.forgerock.openam.authentication.modules.saml2.SAML2Proxy.getUrlWithKey(SAML2Proxy.java:239)
    org.forgerock.openam.authentication.modules.saml2.SAML2Proxy.getUrl(SAML2Proxy.java:225)
    org.forgerock.openam.authentication.modules.saml2.SAML2Proxy.processSamlResponse(SAML2Proxy.java:133)
    org.apache.jsp.saml2.jsp.saml2AuthAssertionConsumer_jsp._jspService(saml2AuthAssertionConsumer_jsp.java:113)
    org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)

    Using OpenAM 13.0.0 version. Want to know if there is any issues with this version. If this can be resolved with any configuration Or any suggestion to resolve this issue will be appreciated.

    #25488
     Vani 
    Participant

    Hello,
    Trying to followup to see if someone has any solution to this issues with SAML/Multiple Tabs(Browser) issues.
    Thanks,
    Vani

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

©2019 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?