09-18-2019 11:25 AM - edited 09-18-2019 12:02 PM
Am trying to use SAML (Shibboleth SSO) in a test instance of 8.4.4. I've registered the grid manager with our IdP and the authentication part seems to work properly (I get rolled through our full authentication process on my first try, once that has been done, succeeding attempts properly skip that), but it keeps throwing me back to the login page. In the audit trail I'm seeing:
2019-09-18 15:24:54.919Z [AAdzZW...j7r4E7FYy8w]: Login_Denied - - to=AdminConnector ip=18.104.22.168 info=Invalid\040user\040name apparently_via=GUI
When I try it with SAML Tracer, it shows me that my browser is doing a POST back to:
The next step starts out a little similar to the apparent username in the error I see in the audit log but is different after the first 12 characters:
There are additional GETs that follow this, most of which seem to be filling out the new page requesting a login again.
Any hints or suggestions would be most welcome.