By: Christian Lav user 30 Oct 2018 at 11:20 a.m. CDT

9 Responses
Christian Lav gravatar
There are 2 possible scenarios,scenario 1 is with the POST method: We are using an application called Password Manager Pro which displays the following error message: "SAML Auth - SAML SSO Failed" We do not reach the login page,we are redirected to Password Manager Pro following message :" SAML Auth - SAML SSO Failed" Scenario #2 : Redirect Method We are redirected to the IDP webpage of Password Manager Pro but the server gives the following message : "Web Login Service -Unsupported Request,the application you have accessed is not registered for use with this service." I would also like to mention that we followed the SAML configuration guide according to the documentation. Regards, Christian

By Michael Schwartz staff 31 Oct 2018 at 10:50 a.m. CDT

Michael Schwartz gravatar
It's probably hard for the supprot staff to figure out your problem, based on the information you sent. Can you include a summary of the configuration for the Trust Relationship. Are there any interesting logs in the `/opt/gluu/jetty/idp/logs` Did you wait 5 minutes to try your SP (Shib IDP needs time to reload oxTrust rendered config)? Can you give a summary of how the website is configured?

By Aliaksandr Samuseu staff 31 Oct 2018 at 12:16 p.m. CDT

Aliaksandr Samuseu gravatar
Hi, Christian. It's as Michael says - we need more details. For example, I'm not sure whether the first issue in your list even covered by the Community support, as there is no proofs that the flow even reaches Gluu Server. It may be a configuration issue on SP's side, and we don't usually offer support for 3rd-party software. In addition to what have been already suggested, I would also ask you to export both your failing flows in HAR files and share with us. Then we'll be able to see what happens. You can use steps listed [here](https://www.inflectra.com/support/knowledgebase/kb254.aspx) - please use Firefox for that task, Chrome's HARs are flawed. Also don't forget to set "Persist log" and "Disable cache" checkboxes in the console to save everything, not just the recently loaded page. Also, please include metadata you used to create TRs for both of those SPs.

By Aliaksandr Samuseu staff 31 Oct 2018 at 12:17 p.m. CDT

Aliaksandr Samuseu gravatar
One more log file you should provide us when you've done reproducing your issues and exporting HARs is `/opt/shibboleth-idp/logs/idp-process.log`

By Aliaksandr Samuseu staff 31 Oct 2018 at 12:31 p.m. CDT

Aliaksandr Samuseu gravatar
Here is how-to on creating HAR files which may be useful. You can use steps listed [here](https://www.inflectra.com/support/knowledgebase/kb254.aspx) - please use Firefox for that task, Chrome's HARs are flawed. Also don't forget to set "Persist log" and "Disable cache" checkboxes in the console to save everything, not just the recently loaded pa

By Christian Lav user 31 Oct 2018 at 5:48 p.m. CDT

Christian Lav gravatar
Hi, We checked with our 3rd party software and they say the problem comes from gluu. Persist log" and "Disable cache" checkboxes in the console to save everything, not just the recently loaded page were checked. Here is the link to the HAR file : https://send.firefox.com/download/6f3f57da48/#pgAv62zosOqAxEKPUJ6kQw I have attached our idp-process log file to this email. Include metadata you used to create TRs for both of those SPs. : Please see word file attached to this email. Can you include a summary of the configuration for the Trust Relationship. (See Word Attached File) Are there any interesting logs in the /opt/gluu/jetty/idp/logs : Logs are empty Did you wait 5 minutes to try your SP (Shib IDP needs time to reload oxTrust rendered config)? : Yes Can you give a summary of how the website is configured? See this link: https://www.manageengine.com/products/passwordmanagerpro/help/saml-single-sign-on.html

By William Lowe staff 01 Nov 2018 at 5:56 a.m. CDT

William Lowe gravatar
>I have attached our idp-process log file to this email. Attachments sent via email will not get added here. In addition, we don't currently support attachments for community users. Best bet would be to host it somewhere and share a link with us.

By Christian Lav user 01 Nov 2018 at 7:23 a.m. CDT

Christian Lav gravatar
Good morning, Since I couldn't add any attachements in yesterday's email.Here's a shared link for the IDP.log file : https://send.firefox.com/download/dec018b6ee/#l4RHcIL0Rg0vr8rfiY59tw Regarding the : metadata you used to create TRs for both of those SPs,I have shared the following link: https://send.firefox.com/download/1a4216c761/#su2mYJK3R8tOBxscv49vLw The previous information that you asked is already in yesterday ticket. Regards, Christian

By Aliaksandr Samuseu staff 18 Nov 2018 at 8:17 p.m. CST

Aliaksandr Samuseu gravatar
Hi, Christian. Are you still experiencing this issue? If you still need assistance with it, could you re-upload all files from before, as those links are dead as of now.

By Christian Lav user 19 Nov 2018 at 8:39 a.m. CST

Christian Lav gravatar
Good morning, You can close this ticket since we have ticket #6299 open for the same issue. Best Regards,