Affects Version/s: 14.0.0, 14.5.0, 6.0.0, 6.5.0
Fix Version/s: None
Support Ticket IDs:
Many SAML error scenarios return HTTP 500 errors to the browser. These should be handled more gracefully to provide a better user experience.
- Configure SP and IDP AM servers
- On the IDP server, do not register the remote SP metadata
- Send SP-init SAML request
- AM, as the IDP, throws Internal Server Error
- Clue in the logs: WARNING: UtilProxySAMLAuthenticator.authenticate: Issuer in Request is not valid.
- Configure SP and IDP AM servers, correctly this time
- Link the demo user on both servers by running a successful SAML flow once
- Now on the SP, de-activate the demo account (set it to 'inactive')
- Run the SP-init SAML flow again.
- Now after authenticating at the IDP successfully, AM (the SP server) throws Internal Server Error after receiving the successful SAML response.
Another scenario: when the Signature Algorithm is not supported, an Internal Server Error is shown.