[OPENAM-10311] Insufficient error logging for "The SAML Request is invalid" Created: 03/Jan/17 Updated: 09/Jan/17 Resolved: 09/Jan/17
|Affects Version/s:||10.0.0, 10.0.1, 10.1.0-Xpress, 10.0.2, 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.0.4, 13.0.0|
|Remaining Estimate:||Not Specified|
|Time Spent:||Not Specified|
|Original Estimate:||Not Specified|
Mac OS X - 10.11.6
java version "1.8.0_111"
OpenAM 13.0.0 configured as IdP proxy
SP-initiated SSO, started by sample app of Spring Security SAML extension fails with HTTP Status 500
saml2error.jsp tells 'The SAML Request is invalid', however there is not a single error message or even stacktrace in OpenAM debug logs when debug level is set to error.
--> there is no chance to troubleshoot this issue in productive environment where typically only error level is configured.
|Comment by Bernhard Thalmayr [ 03/Jan/17 ]|
In this specific case the error was an incorrect issuer, but this is only logged at WARNING level, although it later on results in an error.
|Comment by Phill Cunnington [ 04/Jan/17 ]|
Bernhard Thalmayr Did you test against 13.5 or 14 and find the issue is not present?
|Comment by Andrew Vinall [ 09/Jan/17 ]|
Bug Triage: Please re-open if this problem exists in AM14.