Introducing SOC Insights for BloxOne Threat Defense: Boost your SOC efficiency with AI-driven insights to eliminate manual work and accelerate investigation and response times. Read the blog announcement here.

NIOS DNS DHCP IPAM

Reply

problems attempting to set up SAML (via Shibboleth)

[ Edited ]
Authority
Posts: 10
2351     0

Am trying to use SAML (Shibboleth SSO) in a test instance of 8.4.4.  I've registered the grid manager with our IdP and the authentication part seems to work properly (I get rolled through our full authentication process on my first try, once that has been done, succeeding attempts properly skip that), but it keeps throwing me back to the login page.  In the audit trail I'm seeing:

2019-09-18 15:24:54.919Z [AAdzZW...j7r4E7FYy8w]: Login_Denied - - to=AdminConnector ip=134.84.88.5 info=Invalid\040user\040name apparently_via=GUI

When I try it with SAML Tracer, it shows me that my browser is doing a POST back to:

https://<gridmaster>:8765/?acs

The next step starts out a little similar to the apparent username in the error I see in the audit log but is different after the first 12 characters:

POST https://<gridmaster>/ui/?username=AAdz...ETVOw==&password=$6$n...&saml_login=1

There are additional GETs that follow this, most of which seem to be filling out the new page requesting a login again.

 

Any hints or suggestions would be most welcome.

Showing results for 
Search instead for 
Did you mean: 

Recommended for You