Issue:
We are running a Policy Server, and in the federation journey the SAML
responses show a duplicated ID, so the SP side cannot consume the
assertion.
<ns2:Assertion xmlns:ns2="urn:oasis:names:tc:SAML:2.0:assertion"
ID="_989cd331197cb7da92c224ca7c6467544bfd"
Id="_989cd331197cb7da92c224ca7c6467544bfd"
IssueInstant="2019-04-29T06:11:42Z"
Version="2.0"
How can we fix this?
Environment:
Policy Server 12.8SP0CR00 on RedHat 7;
Policy Server JDK 1.8.0_181;
Policy Store on CA Directory 14.0;
Admin UI 12.8SP1 on Windows 2012 R2.
Cause:
This is corrected in Policy Server 12.8SP1:
Defects Fixed in 12.8.01
01090398, 01121619, 01153845, 01136496, 01137702, 01169777
DE365688, DE371749
Single sign-on fails as Policy Server issues duplicate assertion IDs in an assertion.
https://docops.ca.com/ca-single-sign-on/12-8/en/release-notes/service-packs/defects-fixed-in-12-8-01
Resolution:
We suggest upgrading to the latest version, 12.8SP02, to ensure you
have all the latest fixes, including this one.
KB: KB000131449
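
A check for the symptom described under Issue, as an added example that is not part of the original article or of the product: it parses a captured SAML response and reports every assertion carrying attributes whose names differ only by case (ID and Id). XML attribute names are case-sensitive, so such a document is still well-formed and a plain parser will not reject it. The sample response is constructed around the fragment shown above, and the function names are illustrative.

```python
import xml.etree.ElementTree as ET
from collections import defaultdict

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"

# Constructed sample: a minimal response holding one assertion shaped like the
# fragment in this article (ID plus Id) and one assertion with a single ID.
SAMPLE_RESPONSE = """\
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                ID="_constructed-response" Version="2.0"
                IssueInstant="2019-04-29T06:11:42Z">
  <ns2:Assertion xmlns:ns2="urn:oasis:names:tc:SAML:2.0:assertion"
                 ID="_989cd331197cb7da92c224ca7c6467544bfd"
                 Id="_989cd331197cb7da92c224ca7c6467544bfd"
                 IssueInstant="2019-04-29T06:11:42Z"
                 Version="2.0"/>
  <ns2:Assertion xmlns:ns2="urn:oasis:names:tc:SAML:2.0:assertion"
                 ID="_constructed-clean-assertion"
                 IssueInstant="2019-04-29T06:11:42Z"
                 Version="2.0"/>
</samlp:Response>
"""


def case_variant_attrs(element):
    """Return groups of attribute names on element that differ only by case."""
    groups = defaultdict(list)
    for name in element.attrib:
        groups[name.lower()].append(name)
    return [sorted(names) for names in groups.values() if len(names) > 1]


def find_duplicate_id_assertions(xml_text):
    """List (ID value, colliding attribute names) for each affected assertion."""
    root = ET.fromstring(xml_text)
    findings = []
    for assertion in root.iter("{%s}Assertion" % SAML_NS):
        for names in case_variant_attrs(assertion):
            findings.append((assertion.get("ID"), names))
    return findings


if __name__ == "__main__":
    for assertion_id, names in find_duplicate_id_assertions(SAMPLE_RESPONSE):
        print("assertion %s carries colliding attributes: %s" % (assertion_id, names))
```

Running it on a decoded response captured before and after the upgrade shows whether the Policy Server still emits the second attribute.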