Uploaded image for project: 'mod-login-saml'
  1. mod-login-saml
  2. MODLOGSAML-107

SAMLException: No idp entityId found for error for POST /saml/login request

    XMLWordPrintable

Details

    • Bug
    • Status: Closed (View Workflow)
    • P3
    • Resolution: Done
    • 2.2.1, 2.4.1, 2.4.2, 2.4.3
    • 2.4.4
    • CP: sprint 127, CP: sprint 128, CP: sprint 129, CP: sprint 130, CP: sprint 131, CP: sprint 132, CP: sprint 133, CP: sprint 135, CP: sprint 136, CP: sprint 137
    • 3
    • Core: Platform
    • Lotus (R1 2022) Bug Fix
    • OTHER

    Description

      Overview:

      The following issue is observed in an Juniper Hotfix-4 environment. mod-login-saml-2.2.1

      SSO works as expected,  but over time we observe 500 error response from POST/saml/login requests and (as a result) SSO is not functioning. Below exception is observed in the logs for mod-login-saml

      **

      1632920603819,13:03:23 [] [] [] [] INFO LogUtil 127.0.0.1:33696 POST /saml/login null HTTP_1_1 500 28 1 tid=fs00001054 Internal Server Error 
1632920606607,13:03:26 [] [] [] [] INFO RestRouting invoking getSamlCheck
1632920606607,13:03:26 [] [] [] [] INFO LogUtil 127.0.0.1:33758 GET /saml/check null HTTP_1_1 200 21 0 tid=fs00001066 OK 
1632920613008,13:03:33 [] [] [] [] INFO RestRouting invoking postSamlLogin
1632920613008,13:03:33 [] [] [] [] ERROR edirectActionBuilder Exception processing SAML login request: No idp entityId found
1632920613008,org.pac4j.saml.exceptions.SAMLException: No idp entityId found

      A restart of the mod-login-saml task resolves this issue

      This issue has been observed in environment with multiple tenants

      Expected Results: SSO should work properly without requiring a restart of mod-login-saml
      Actual Results: Restart of mod-login-saml is required 
      Additional Information:
      Attaching log excerpt for reference
      Interested parties:

      mdriscoll

      TestRail: Results

        Attachments

          Issue Links

            is blocked by

            Story - Created by Jira Software - do not edit or delete. Issue type for a user story. MODLOGSAML-123 IdP container test

            • P2 - normal priority level, must be included in the current development cycle
            • Closed
            relates to

            Story - Created by Jira Software - do not edit or delete. Issue type for a user story. MODLOGSAML-138 Reduce error logging

            • TBD - To be determined
            • Closed

            Bug - A problem which impairs or prevents the functions of the product. FAT-1144 Testing admin user does not have perms.users.assign.immutable

            • TBD - To be determined
            • Closed

            Story - Created by Jira Software - do not edit or delete. Issue type for a user story. MODLOGSAML-70 Periodically recreate SAML clients

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Open

            Bug - A problem which impairs or prevents the functions of the product. MODLOGSAML-140 Mod-login-SAML and mod-login issue

            • TBD - To be determined
            • Closed

            Activity

              People

                julianladisch Julian Ladisch
                cgodfrey Carole Godfrey
                Votes:
                0 Vote for this issue
                Watchers:
                7 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  TestRail: Runs

                    TestRail: Cases