@Maria Joseph Vimalan ,
We are working with Broadcom Support, troubleshooting the SAML setup on our TEST system before we can implement this on PROD.
I believe our internal IDP was initially also throwing that error because the AWI application was doing a POST and not sending the SAMLRequest in the message body, but sending it as part of the URL query parameters. The IDP, on POST, was expecting the SAMLRequest to be in the message body, so it could not parse the empty message.
What helped us:
#1. If your IDP metadata has entries for both HTTP-Redirect and HTTP-POST, then remove the HTTP-Redirect entry from the metadata for the KEY in UC_SAML_SETTINGS:
<md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://xxxxxxxxxxx/saml2/sso"/>
<md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://xxxxxxxxxx/saml2/sso"/> (remove this line)
This should force the AWI to place the SAMLRequest into the message body when POSTing to the IDP.
#2. Also, on the IDP side, ensure that the complete SAMLResponse message is signed.
With that said, we are still troubleshooting a few things with Broadcom and the SAML configuration, but at least that "Illegal XML Character" error is gone.
It looks like you had started this SAML setup process earlier than us.
Were you completely successful in the SAML configuration for your environment?
Thanks,
Vlad
Original Message:
Sent: 12-12-2019 05:53 AM
From: Vimalan
Subject: SAML testing error in 12.3.1
Dear Experts,
We are trying to configure SAML on our Sandbox system for testing. Upon testing, we are getting the following error in our internal Federation Service.
We are running AE 12.3.1 with Tomcat as the Web Server.
We created an entry in UC_SYSTEM_SETTINGS in 0 client with SAML and value as Y. Then opened UC_SAML_SETTINGS and changed the following.
1. Entity ID
2. In the location places, we changed the destination URL of the Automic SBX URL (https://hostname/awi/)
We gave the metadata XML file to our internal IDP team and they provided a new metadata XML. I created an additional key for department and pasted the contents of the XML file in it.
Upon testing we are getting an error, and checking on the IDP side, we see an error: illegal XML Character: 0X10
Does anyone have any idea how to fix it?
Illegal XML Character : 0X10
Thanks and Regards
Vimalan
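
An added example, not part of the thread and not Broadcom or Automic code: a Python check for the binding mismatch described in the reply above. It lists the SingleSignOnService bindings in IdP metadata, produces a copy with the HTTP-Redirect entry removed (step #1), and classifies a captured request by where SAMLRequest travels. The function names, the sample metadata and the host idp.example.test are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlsplit

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
SSO_TAG = f"{{{MD_NS}}}SingleSignOnService"

# Constructed sample metadata; entityID and Location are placeholders.
SAMPLE_METADATA = f"""<md:EntityDescriptor xmlns:md="{MD_NS}" entityID="https://idp.example.test">
  <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:SingleSignOnService Binding="{POST}" Location="https://idp.example.test/saml2/sso"/>
    <md:SingleSignOnService Binding="{REDIRECT}" Location="https://idp.example.test/saml2/sso"/>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>"""


def sso_bindings(metadata_xml):
    """List the SingleSignOnService bindings the IdP metadata advertises."""
    return [e.get("Binding") for e in ET.fromstring(metadata_xml).iter(SSO_TAG)]


def drop_redirect(metadata_xml):
    """Return the metadata with HTTP-Redirect SSO endpoints removed (step #1)."""
    ET.register_namespace("md", MD_NS)  # keep the md: prefix on output
    root = ET.fromstring(metadata_xml)
    for parent in list(root.iter()):  # snapshot before removing children
        for sso in parent.findall(SSO_TAG):
            if sso.get("Binding") == REDIRECT:
                parent.remove(sso)
    return ET.tostring(root, encoding="unicode")


def classify_request(method, url, body=""):
    """Say where SAMLRequest travels in a captured SP-to-IdP request."""
    in_query = "SAMLRequest" in parse_qs(urlsplit(url).query)
    in_body = "SAMLRequest" in parse_qs(body)
    if method == "POST" and in_body:
        return "ok: HTTP-POST binding, SAMLRequest in form body"
    if method == "GET" and in_query:
        return "ok: HTTP-Redirect binding, SAMLRequest in query string"
    if method == "POST" and in_query:
        return "mismatch: POST with SAMLRequest in query string, not in body"
    return "no SAMLRequest found"


if __name__ == "__main__":
    print(sso_bindings(SAMPLE_METADATA))
    print(sso_bindings(drop_redirect(SAMPLE_METADATA)))
    print(classify_request("POST", "https://idp.example.test/saml2/sso?SAMLRequest=fZA%3D"))
```

If the IdP metadata carries an XML signature, editing it this way invalidates that signature, so ask the IdP team for a re-issued file instead of trimming a signed one.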