Uploaded image for project: 'OpenAM Agents'
  1. OpenAM Agents
  2. AMAGENTS-1414

Invalid LARES response error when agent is running in CDSSO mode and profile is stored in a sub-realm.

    XMLWordPrintable

    Details

      Description

      Create agent profile in a sub-realm, set up agent in CDSSO mode. When returning from authentication redirect, agent denies access with the following error message in the log file:

      2018-01-23 00:05:24.385 -0800 WARNING [0x7f7501e10880:22111] Invalid LARES/SAML response - access denied. Token: AQIC5wM2LY4SfcxPKLEuDaUNv7FRo13Ar0SA04gPMr-LM7Y.AAJTSQACMDEAAlNLABM3MzQ5ODc4Njc1MzY4ODY4OTQzAAJTMQAA, RequestID: 68D69698C3CEFBCCC72FEE67CED2D3743587C77C083600B8AF4D6AC408A33BF8, InResponseTo: 68D69698C3CEFBCCC72FEE67CED2D3743587C77C083600B8AF4D6AC408A33BF8, StatusCode samlp:Success, NotBefore: 2018-01-23T08:05:24Z, NotOnOrAfter: 2018-01-23T08:06:24Z, Audience: http://ambate02.internal.forgerock.com:80/amagent?Realm=/sp/eicsii, Time interval valid: 0

        Attachments

          Activity

            People

            mareks Mareks Malnacs
            mareks Mareks Malnacs
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: