Due to changes introduced in 6.5.3 and 7.0.0 SAML Assertion Consumer Service must exactly match.
if a customer edited this to remove the port numbers (80/443 as an example). This will fail after an upgrade
Needs to be outlined as an upgrade consideration
- Configure SAML in 6.5.3 or 7.0.0
- Change the Assertion consumer service to remove the port
- Test and this will fail but Message logging will not have much only
libSAML:10/28/2020 03:46:37:607 PM EDT: Thread[https-jsse-nio-8443-exec-9,5,main]: TransactionId[db55cc6b-0e78-484f-9a02-5eaa18c7561d-315]
SAMLUtils.sendError: error page /saml2/jsp/saml2error.jsp
Audit logs will at least show:
"Invalid Assertion Consumer Location specified"
Correct Assertion Consumer Service to include port.