Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-12196

SAML2 SP Adapter postSingleSignOnFailure failureCode should be more detailed

    Details

    • Type: Improvement
    • Status: Open
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 5.5.1
    • Fix Version/s: None
    • Component/s: SAML
    • Labels:
    • Support Ticket IDs:

      Description

      When an IdP sends a status code in its SAML2Response, the SP adapter postSingleSignOnFailure receives a failureCode of 1, without detail about the actual Status Code within the response.

      Note that it is possible to find the values by drilling down the ssoResponse > Status > StatusCode> StatusCodeValue and if there is a second level, ssoResponse > Status > StatusCode > StatusCode >StatusCodeValue, but it would be good to differentiate between different failureCode instead. 

      To reproduce:

      1) Create a SP adapter

      2) Run SP in debug mode and stop on the postSingleSignOnFailure method

      3) See description in OPENAM-12195 to simulate a Responder StatusCode from the IdP

      4) When it reaches the postSingleSignOnFailure method in the debugger, notice that failureCode is always 1

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                nathalie.hoet Nathalie Hoet
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated: