Symantec Access Management


CA Adapter: SAML integration with LDAP, Risk Authentication

  • 1.  CA Adapter: SAML integration with LDAP, Risk Authentication

    Posted Jun 12, 2019 05:35 AM

    Hi,

    I've configured SAML Authentication flow on the CA Adapter to use primary LDAP/AD Authentication with secondary OTP.

    My understanding of the adapter flow is that the user is authenticated against LDAP and if the risk is high, the user may be asked for secondary auth. However, I am not getting the user to authenticate against LDAP. Is there a config I am missing in CA AA configuration?

    Log snippet:
    2019-06-12 10:27:06,105 [http-nio-8080-exec-20] INFO  integrations.frontend.LifeCycleStateData(712)  -> PrimaryAuthenticationStack [Risk, LDAP] |65deae6c594e9979e7648a994da46c1c670de0f0
    2019-06-12 10:27:06,105 [http-nio-8080-exec-20] INFO  integrations.frontend.LifeCycleStateData(712)  -> CurrentAuthModuleState:Primary |65deae6c594e9979e7648a994da46c1c670de0f0
    2019-06-12 10:27:06,105 [http-nio-8080-exec-20] INFO  integrations.frontend.LifeCycleStateData(712)  -> isPostEvalDone:false |65deae6c594e9979e7648a994da46c1c670de0f0
    2019-06-12 10:27:06,105 [http-nio-8080-exec-20] INFO  integrations.frontend.LifeCycleStateData(712)  ->  value of currentAuthModuleStatePrimary |65deae6c594e9979e7648a994da46c1c670de0f0
    2019-06-12 10:27:06,105 [http-nio-8080-exec-20] INFO  api.impl.TxnMarker(30)  -> Txn-Begin : OP=verifyPlain | CTxID=_RC65_1_100
    2019-06-12 10:27:06,105 [http-nio-8080-exec-20] DEBUG common.pool.PoolManager(118)  -> Successfully borrowed object from [CENAA01:9742]
    2019-06-12 10:27:07,308 [http-nio-8080-exec-20] DEBUG common.pool.PoolManager(142)  -> Successfully returned the object to the pool [CENAA01:9742]. CPS 0
    2019-06-12 10:27:07,308 [http-nio-8080-exec-20] INFO  api.impl.TxnMarker(44)  ->  Txn-End : OP=verifyPlain | CTxID=_RC65_1_100 | STxID=857 | RC=5800 | REC=0 | TOT=1203 | SRT=1186 | TGC=0 | TRC=0 | TWR=0 | TRD=1187 | TCR=-1 | RTC=0 | NCA=-1 | NCB=-1
    2019-06-12 10:27:07,308 [http-nio-8080-exec-20] WARN  integrations.frontend.LifeCycleStateData(716)  -> LDAP password credentials not found for user, server transaction id=857: The credential was not found for the user ( PAM.TEST ). |65deae6c594e9979e7648a994da46c1c670de0f0
    2019-06-12 10:27:07,308 [http-nio-8080-exec-20] INFO  integrations.frontend.LifeCycleStateData(712)  -> Next state: 42 |65deae6c594e9979e7648a994da46c1c670de0f0
    2019-06-12 10:27:07,339 [http-nio-8080-exec-20] INFO  saml.util.SAMLTool(254)  -> SAML Authentication Request: Local IssueInstant: 2019-06-12T10:27:07.339+02:00
    2019-06-12 10:27:07,339 [http-nio-8080-exec-20] INFO  saml.util.SAMLTool(255)  -> Passed IssueInstant: 2019-06-12T10:27:07.339+02:00
    2019-06-12 10:27:07,339 [http-nio-8080-exec-20] INFO  saml.util.SAMLTool(256)  -> Configured Start time Lag: 0
    2019-06-12 10:27:07,339 [http-nio-8080-exec-20] INFO  saml.util.SAMLTool(257)  -> Configured Validity Duration: 300000
    2019-06-12 10:27:07,355 [http-nio-8080-exec-20] INFO  integrations.frontend.LifeCycleStateData(712)  -> Flow: Check Risk after caller does authentication=OK=OK=OK,S#52=/collectUsername.jsp,S#52=/collectUsername.jsp,S#7=OK=NO=OK=NO,S#52=collectPassword.jsp=USERINV,S#50=OK,S#52=/core/redirect.jsp |65deae6c594e9979e7648a994da46c1c670de0f0
    2019-06-12 10:27:07,355 [http-nio-8080-exec-20] DEBUG freemarker.cache(44)  -> TemplateLoader.findTemplateSource("templates/redirect_en_US.html"): Not found
    2019-06-12 10:27:07,355 [http-nio-8080-exec-20] DEBUG freemarker.cache(44)  -> TemplateLoader.findTemplateSource("templates/redirect_en.html"): Not found
    2019-06-12 10:27:07,355 [http-nio-8080-exec-20] DEBUG freemarker.cache(44)  -> TemplateLoader.findTemplateSource("templates/redirect.html"): Not found
    2019-06-12 10:27:07,355 [http-nio-8080-exec-20] DEBUG freemarker.cache(44)  -> "templates/redirect.html"("en_US", UTF-8, parsed) no source found.
    2019-06-12 10:27:07,355 [http-nio-8080-exec-20] INFO  helpers.util.CustomTemplateBean(104)  -> Resource bundle set is default 'jspStrings'.
    Thanks

    Ntokozo


    ------------------------------
    Senior Consultant
    CA
    ------------------------------


  • 2.  RE: CA Adapter: SAML integration with LDAP, Risk Authentication
    Best Answer

    Posted Jun 12, 2019 07:39 AM

    Resolved

    Navigate to Organizations > OrgName > Strong Authentication Configuration Tab 



    ------------------------------
    Senior Consultant
    CA
    ------------------------------
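
A log-triage sketch for the excerpt in the first post, added here as an example; it is not code from either poster or from the product. It pairs each `Txn-End` marker with the WARN line that cites the same server transaction id, so the failing operation, its return code and the configured primary stack appear together. The line layout is inferred from the excerpt, the function names are hypothetical, and the `RC` value is reported as logged without interpreting it.

```python
import re

# Constructed sample: five lines copied from the log excerpt in the first post.
SAMPLE = """\
2019-06-12 10:27:06,105 [http-nio-8080-exec-20] INFO  integrations.frontend.LifeCycleStateData(712)  -> PrimaryAuthenticationStack [Risk, LDAP] |65deae6c594e9979e7648a994da46c1c670de0f0
2019-06-12 10:27:06,105 [http-nio-8080-exec-20] INFO  api.impl.TxnMarker(30)  -> Txn-Begin : OP=verifyPlain | CTxID=_RC65_1_100
2019-06-12 10:27:07,308 [http-nio-8080-exec-20] INFO  api.impl.TxnMarker(44)  ->  Txn-End : OP=verifyPlain | CTxID=_RC65_1_100 | STxID=857 | RC=5800 | REC=0 | TOT=1203 | SRT=1186 | TGC=0 | TRC=0 | TWR=0 | TRD=1187 | TCR=-1 | RTC=0 | NCA=-1 | NCB=-1
2019-06-12 10:27:07,308 [http-nio-8080-exec-20] WARN  integrations.frontend.LifeCycleStateData(716)  -> LDAP password credentials not found for user, server transaction id=857: The credential was not found for the user ( PAM.TEST ). |65deae6c594e9979e7648a994da46c1c670de0f0
2019-06-12 10:27:07,308 [http-nio-8080-exec-20] INFO  integrations.frontend.LifeCycleStateData(712)  -> Next state: 42 |65deae6c594e9979e7648a994da46c1c670de0f0
"""

# Layout inferred from the excerpt (assumption): ts [thread] LEVEL logger(line) -> msg
LINE = re.compile(r"^(?P<ts>\S+ \S+) \[(?P<thread>[^\]]+)\] (?P<level>\w+)\s+"
                  r"(?P<logger>\S+)\(\d+\)\s+->\s*(?P<msg>.*)$")
TXN_ID = re.compile(r"server transaction id=(\d+)")

def parse(text):
    """Yield one dict per well-formed log line; skip anything else."""
    for raw in text.splitlines():
        m = LINE.match(raw)
        if m:
            yield m.groupdict()

def txn_fields(msg):
    """Split 'Txn-End : OP=x | K=v | ...' into a dict of its K=v pairs."""
    body = msg.split(":", 1)[1]
    return dict(p.strip().split("=", 1) for p in body.split("|") if "=" in p)

def triage(text):
    """Pair each Txn-End with the WARN that cites its server transaction id."""
    ended, stack, findings = {}, None, []
    for rec in parse(text):
        msg = rec["msg"]
        if msg.startswith("PrimaryAuthenticationStack"):
            stack = msg[msg.index("[") + 1:msg.index("]")].split(", ")
        elif msg.startswith("Txn-End"):
            fields = txn_fields(msg)
            ended[fields.get("STxID")] = fields
        elif rec["level"] == "WARN":
            m = TXN_ID.search(msg)
            txn = ended.get(m.group(1)) if m else None
            if txn:  # this WARN explains a transaction we saw end
                findings.append({"op": txn["OP"], "rc": txn["RC"], "stxid": txn["STxID"],
                                 "stack": stack, "warning": msg.split("|")[0].strip()})
    return findings

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```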