SAML Errors

The table below lists LDAP errors you may encounter when configuring your tenant with the LDAP SAML Security Manager. Verify the recommended values to resolve them.

| Parameters | Value to Verify | Error on Edit Tenant Page | Error While Accessing Tenant |
|---|---|---|---|
| SP Metadata | random | `org.opensaml.xml.parse.XMLParserException: Invalid XML` | NA |
| SP Metadata | `<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" ID="http___example.com_8082_frevvo_web_alias_saml" entityID="http://example.com:8082/frevvo/web/alias/saml"></md:EntityDescriptor>` | No error while adding/editing tenant | Application Error when accessing the login URL: `javax.servlet.ServletException: org.opensaml.saml2.metadata.provider.MetadataProviderException: No local entity found for alias saml, verify your configuration.` Logs: Same exception with stack |
| SP Metadata | Change domain name to something else e.g. example.com to localhost in the original metadata generated | No error while adding/editing tenant | UI: Web Login Service - Unsupported Request. The application you have accessed is not registered for use with this service. Logs: No Error |
| SP Metadata | In case the certificates in metadata are invalid and we need to regenerate the metadata. | No error while adding/editing tenant | Web Login Service - Message Security Error |
| IdP metadata | Some syntax error in xml | `org.opensaml.xml.parse.XMLParserException: Invalid XML` | NA |
| IdP metadata | Removed certificates (tag: `<ds:X509Certificate>`) from IdP metadata xml | No error while adding/editing tenant | UI: Access Denied. Authentication required. Logs: `2017-11-02 16:54:25.904  WARN saml 9c539fc6-1afb-4bb7-987f-6fd38b8e260f 7584 --- [http-nio-8082-exec-1] com.frevvo.forms.web.LoginResource       : Login failure` `org.springframework.security.authentication.AuthenticationServiceException: Incoming SAML message is invalid` |
| User Id | Wrong value | No error while adding/editing tenant | The IdP login page appears. After login, the following error appears in the UI: Application Error. `Could not save user null; SQL []; Cannot insert the value NULL into column 'userId', table 'frevvo74.dbo.users'; column does not allow nulls. INSERT fails.; nested exception is com.microsoft.sqlserver.jdbc.SQLServerException: Cannot insert the value NULL into column 'userId', table 'frevvo74.dbo.users'; column does not allow nulls. INSERT fails.` Logs: Same exception with stack trace |
| First Name | Wrong value | No error while adding/editing tenant | No error in accessing and using tenant. The firstname remains blank in edit user page. NULL in firstname column in users table |
| Last Name | Wrong value | No error while adding/editing tenant | No error in accessing and using tenant. The firstname remains blank in edit user page. NULL in firstname column in users table |
| Email | Wrong value | No error while adding/editing tenant | Application Error. `Could not update user (not password): dl in tenant: saml (id=1020); SQL []; Cannot insert the value NULL into column 'email', table 'frevvo74.dbo.users'; column does not allow nulls. UPDATE fails.; nested exception is com.microsoft.sqlserver.jdbc.SQLServerException: Cannot insert the value NULL into column 'email', table 'frevvo74.dbo.users'; column does not allow nulls. UPDATE fails.` Logs: Same error with stack |
| Manager User Id | Wrong value | No error while adding/editing tenant | reportsTo column in DB set to NULL. No error anywhere. |
| Groups | Wrong value | No error while adding/editing tenant | IdP login appears. After entering credentials, the following error is seen and the user cannot log in: Access Denied. Either you are not authenticated or you do not have the proper permissions/role. Logs: `2017-11-02 15:48:38.836  WARN saml 15805e17-2a04-43dc-9d91-298da764a915 7584 --- [http-nio-8082-exec-9] com.frevvo.forms.web.LoginResource       : Could not login dl: Access Denied. Either you are not authenticated or you do not have the proper permissions/role.` |
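
A pre-upload check for the SP and IdP metadata problems listed in the table, as an added example that is not part of the frevvo documentation or product. `check_metadata`, `expected_host` and the sample documents are hypothetical, and the check assumes the metadata root is a single `md:EntityDescriptor`; it tests structure only, not whether a certificate is trusted or unexpired.

```python
import base64, binascii
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
DS = "{http://www.w3.org/2000/09/xmldsig#}"

def check_metadata(xml_text, role, expected_host=None):
    """Return a list of problems; role is "SP" or "IdP" (hypothetical helper)."""
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]   # the "Invalid XML" rows
    if root.tag != MD + "EntityDescriptor":
        return ["root element is not md:EntityDescriptor"]
    problems = []
    entity_id = root.get("entityID")
    if not entity_id:
        problems.append("entityID attribute is missing")
    elif expected_host and urlparse(entity_id).hostname != expected_host:
        # the "domain name changed" row: entityID no longer matches the tenant host
        problems.append(f"entityID {entity_id!r} does not use host {expected_host!r}")
    role_tag = "SPSSODescriptor" if role == "SP" else "IDPSSODescriptor"
    desc = root.find(MD + role_tag)
    if desc is None:                              # the empty EntityDescriptor row
        return problems + [f"no md:{role_tag} element"]
    # Collect certificate bodies with whitespace and line breaks removed.
    certs = ["".join((c.text or "").split()) for c in desc.iter(DS + "X509Certificate")]
    if not any(certs):                            # the "removed certificates" row
        problems.append("no ds:X509Certificate in the role descriptor")
    for cert in filter(None, certs):
        try:
            base64.b64decode(cert, validate=True)
        except binascii.Error:
            problems.append("ds:X509Certificate is not valid base64")
    return problems

# Constructed samples. EMPTY_SP mirrors the empty descriptor quoted in the table.
EMPTY_SP = ('<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" '
            'entityID="http://example.com:8082/frevvo/web/alias/saml"></md:EntityDescriptor>')
FAKE_CERT = base64.b64encode(b"constructed bytes, not a real certificate").decode()
GOOD_SP = EMPTY_SP.replace("></md:EntityDescriptor>",
    ' xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><md:SPSSODescriptor><md:KeyDescriptor>'
    f'<ds:KeyInfo><ds:X509Data><ds:X509Certificate>{FAKE_CERT}</ds:X509Certificate>'
    '</ds:X509Data></ds:KeyInfo></md:KeyDescriptor></md:SPSSODescriptor></md:EntityDescriptor>')

if __name__ == "__main__":
    for name, doc in [("empty", EMPTY_SP), ("good", GOOD_SP), ("broken", "<md:Entity")]:
        print(name, check_metadata(doc, "SP", expected_host="example.com"))
```
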