Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-1194

Unable to get AuthnRequest error in multiserver setup

    Details

    • Type: Bug
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 9.5.4, 14.0.0
    • Fix Version/s: None
    • Component/s: SAML
    • Environment:
      with SAML SFO enabled
    • Support Ticket IDs:

      Description

      • SP sends the AuthnRequest to IdP1
      • authentication fails
      • user presses the return to login link
      • correct credentials has been provided
      • upon redirect to the SAML endpoint (which would actually create the SAMLResponse) the request goes to IdP2

      Since the AuthnRequests are not saved in the SAMLv2Failover system, but only persisted in local caches, IdP2 will fail to recover the AuthnRequest, and the SAML authn will fail.

      The SAML AuthnRequest should be saved in the SFO, when enabled.

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                peter.major Peter Major [X] (Inactive)
              • Votes:
                6 Vote for this issue
                Watchers:
                22 Start watching this issue

                Dates

                • Created:
                  Updated:

                  Time Tracking

                  Estimated:
                  Original Estimate - 7h Original Estimate - 7h
                  7h
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 10h
                  10h