We created a partnership and trying to test SSO, when I hit IDP or SP initiated URL it redirects to affwebservices/redirectjsp/redirect.jsp, which is authentication URL (running SPS) and I have it protected with a policy.
IDP initiated URL:
We have the SAML partnership working in other different environments which are running different versions, I am not sure if I am doing something wrong or its something else.
Policy server Version: 12.52; Update: 01.02; Build: 766; CR: 02;
SPS Version 12.52 , Update 0102 , Label 766
The request loops between
Ensure you have DisableSessionVars=No
HI Ujwol, its its set as Default Value:
[4016/4424][Tue Sep 05 2017 15:47:58] disablesessionvars=no
Can you attach FWSTrace.log and fiddler please?
attached, please let me know what I am missing here.
I don't see a challenge for credential after redirection to /redirectjsp/ URL
Are you sure this is protected ? The authentication URL needs to be protected.
If you have protected it and if it's still not working can you please provide the sps agent trace log as well please ?
That's correct Ujwol I have /affwebservices/redirectjsp/redirect.jsp protected but when I hitting just http://idp.test.com/affwebservices/redirectjsp/redirect.jsp is not prompting for login, which is kind of weird.
so when I changed the realm to protect /affwebservices/redirectjsp/* I am getting for prompt for http://idp.test.com/affwebservices/redirectjsp/ but not for http://idp.test.com/affwebservices/redirectjsp/redirect.jsp
in addition to this I tried using smtest tool which is showing the resource is protected /affweservices/redirectjsp/redirect.jsp.
So I am confused why when I hitting the URL in browser its not getting protected.
Hi Ujwol, I got it working, it was a silly miss I had .jsp added as ignore extension, I removed it and now I am getting prompt for login.