Layer7 Access Management

Expand all | Collapse all

HTTP-POST Binding is not working with SP-Initiated Federation in SiteMinder version 12.52 in IE and Google Chrome

  • 1.  HTTP-POST Binding is not working with SP-Initiated Federation in SiteMinder version 12.52 in IE and Google Chrome

    Posted 02-10-2017 03:17 PM

    Hello All,

     

    I am having an issue with SP-initiated federation when SP using HTTP-POST as there HTTP-BINDING. I found this CA knowledge base document regarding to this issue.

     

    Here is the link:

    https://www.ca.com/us/services-support/ca-support/ca-support-online/knowledge-base-articles.tec1344266.html 

     

    According to this KD prior to SiteMinder version 12.52, HTTP-POST will not work with SP-Initiated if they are using HTTP-POST as their HTTP-BINDING and it always be a HTTP-REDIRECT. But from the version of SiteMinder 12.52, CA introduced both HTTP-POST and HTTP-REDIRECT into mix.

     

    My issue is our SP provider is using HTTP-POST as HTTP-BINDING and it is working on Mozilla FireFox and it is not working on Chrome and IE. If SP is using HTTP-REDIRECT as HTTP-BINDING it is working on all three browsers.From IDP side we are allowing both HTTP-REDIRECT and HTTP-POST. I just want to know if anybody is having a similar issue or is there any resolution for this?

     

    Error message from affwebserv.log

    [26169/4135487232][Mon Feb 06 2017 20:11:58][SSO.java][ERROR][sm-FedClient-02380] No SAMLRequest or SPID parameter in request to SAML2 Single Sign-On Service.

     

    Version Info:

    SiteMinder Policy server : 12.52.105.2113

    SiteMinder Option pack Agent :12.52.100.499



  • 2.  Re: HTTP-POST Binding is not working with SP-Initiated Federation in SiteMinder version 12.52 in IE and Google Chrome

    Posted 02-13-2017 11:28 AM

    Hi Naveen,

    please open a support ticket so that we can fully review your log files.  When you open the ticket, please provide the following logs:

     

    -Policy server trace

    -Fiddler trace from IE use case and also Firefox use case

    -FWSTrace log

    -Agent trace log

     

    Thank you,

    Justin