Layer 7 Access Management

Expand all | Collapse all

SAML federation desnt'work. (SMPORTALURL incorrect valued ?)

Jump to Best Answer
  • 1.  SAML federation desnt'work. (SMPORTALURL incorrect valued ?)

    Posted 05-15-2019 05:54 AM

    Hi to all,

    I've a problem with SAML Federation. SPS and PolicyServer version is 12.8sp2 Siteminder is IdP.

    The problem, I think, is that SMPORTALURL is wrongly populated.

    When I try access to access to FQDN of federated application    I get redirected to auth page, and then to this url

     

    http://sso.test.it/affwebservices/redirectjsp/redirect.jsp?SMPORTALURL=OMKmqJc3L8RTtGLUkVZ5ytKbVIjS6PFTwXcOunOjuxVqmmA1%2BUzk9QXNcfexN4c5ffyqTIRpa4tOBbXt8Bo0HhurZxnyxmlKeR4wf3cHxxHOwIYZipk7R7mScB3NYlPi

     

    HTTP Status 500 – Internal Server Error


    Type Exception Report

    Message An exception occurred processing JSP page /redirectjsp/redirect.jsp at line 105

    Description The server encountered an unexpected condition that prevented it from fulfilling the request.

    Note The full stack trace of the root cause is available in the server logs.

     

     

    I try access to access to FQDN of federated application, I receive no error and I go in to application page.
    I get This behavior even with IDP Initiated connection.

     

    I think the cause is that SMPORTALURL should be the line   "http://......."

     

    Anyway this is the log

     

    Stacktrace:] with root cause
    java.net.URISyntaxException: Illegal character in path at index 48: OMKmqJc3L8RTtGLUkVZ5ytKbVIjS6PFTwXcOunOjuxVqmmA1 Uzk9QXNcfexN4c5ffyqTIRpa4tOBbXt8Bo0HhurZxnyxmlKeR4wf3cHxxHOwIYZipk7R7mScB3NYlPi?SMASSERTIONREF=QUERY
            at java.net.URI$Parser.fail(URI.java:2848)
            at java.net.URI$Parser.checkChars(URI.java:3021)
            at java.net.URI$Parser.parseHierarchical(URI.java:3105)
            at java.net.URI$Parser.parse(URI.java:3063)
            at java.net.URI.<init>(URI.java:588)
            at com.netegrity.affiliateminder.webservices.c.sendRedirect(fedfws_obfsc:53)
            at org.apache.jsp.redirectjsp.redirect_jsp._jspService(redirect_jsp.java:190)
            at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
            at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:453)
            at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:395)
            at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:339)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
            at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
            at com.netegrity.affiliateminder.webservices.CAFedFilter.doFilter(fedfws_obfsc:58)
            at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
            at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
            at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:219)
            at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:110)
            at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:494)
            at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
            at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:113)
            at com.netegrity.proxy.ProxyValve.processRequest(Unknown Source)
            at com.netegrity.proxy.ProxyValve.invoke(Unknown Source)
            at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
            at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:445)
            at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:190)
            at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
            at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:316)
            at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
            at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
            at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
           at java.lang.Thread.run(Thread.java:748)

    mag 15, 2019 12:31:43 PM org.apache.catalina.valves.ErrorReportValve report
    GRAVE: Exception
    mag 15, 2019 12:31:43 PM org.apache.catalina.valves.ErrorReportValve report
    GRAVE: org.apache.jasper.JasperException: An exception occurred processing JSP page /redirectjsp/redirect.jsp at line 105

    102:    //System.out.println(referer + "?" + queryString);
    103:
    104:    //redirect the user back to PORTALURL with all the query params
    105:    response.sendRedirect(URLDecoder.decode(referer, "UTF-8") + "?" + queryString );
    106: }
    107: %>

     

     

     

    Thanks in advance.

     

     

     

     

     






  • 2.  Re: SAML federation desnt'work. (SMPORTALURL incorrect valued ?)
    Best Answer

    Posted 05-15-2019 10:39 AM

    I'm sorry it was my fault! 
    The URL was encoded because I check for mistake the option "Use Protected Url" in federation!