Can't re-login on Amazon AWS through SAML

By: Alexandre Zia Account Admin 04 Apr 2020 at 9:01 a.m. CDT

3 Responses
Alexandre Zia gravatar
I've successfully setup Amazon AWS SAML deferation. Login is working fine through Using this log in URL is: https://my.server.com/idp/profile/SAML2/Unsolicited/SSO?providerId=urn:amazon:webservices However there are two situations: - If I Sign Out from AWS console then try to log in again, through the login url above, in authentication url, Gluu returns status 500: 500 Internal Server Error - If AWS session expires and logs me out (default session is 1 hour), in authentication url, Gluu returns status 500: 500 Internal Server Error Nothing shows in the logs about this status 500, even enabled DEBUG logging but nothing shows. Can someone advice on what do I have to adjust? Thanks in advance
CentOS 7.7
closed

Answers

By Alexandre Zia Account Admin 04 Apr 2020 at 11:17 a.m. CDT

Copy
Alexandre Zia gravatar
Just figured out, after Sing Out from AWS Console, and Tries to log in again, Gluu will error 500, however, if I access: https://my.server.com/idp/Authn/oxAuth/logout Then I'm able to log in into AWS console again, Is there a way to make this automatic? when a user sign out from AWS Console kill the session in Gluu?

By Mohib Zico staff 08 Apr 2020 at 11 a.m. CDT

Copy
Mohib Zico gravatar
Correct, SAML SLO / logout is that `https://[....]/idp/AuthN/oxAuth/logout`. Reference doc: https://www.gluu.org/docs/gluu-server/4.1/operation/logout/#saml-logout

By Alexandre Zia Account Admin 19 Apr 2020 at 8:15 p.m. CDT

Copy
Alexandre Zia gravatar
Hi, in fact it was a bug in shibbolet. I've updated to oxshibbolethIdp-4.1.1.Final.war as per this issue: https://github.com/GluuFederation/oxShibboleth/issues/68 And its working fine now.

Post an answer