AEM 6.1 Single-Sign-On(SSO) with OKTA

Avatar

Avatar
Validate 1
Level 2
gurub46428210
Level 2

Likes

9 likes

Total Posts

19 posts

Correct reply

2 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 1
View profile

Avatar
Validate 1
Level 2
gurub46428210
Level 2

Likes

9 likes

Total Posts

19 posts

Correct reply

2 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 1
View profile
gurub46428210
Level 2

10-07-2017

What problem we are solving?

Configure AEM6.1 to allow authors to login to /projects.html using OKTA.

What's done?

Configured AEM6.1 author per the steps specified in the document-http://www.aemstuff.com/blogs/july/saml.html

Have we done OKTA integration with AEM6.1?

Yes; it's working in our Production environment; we created new test environment from scratch, OKTA SSO not working for the new author environment.

Issues we are facing: Not able to login to author using our network username & password.

  • CQ Author level:
    • Server logs:
      • 05.07.2017 23:30:45.683 *WARN* [qtp535806943-32583] com.adobe.granite.auth.saml.SamlAuthenticationHandler Private key of SP not provided: Cannot sign Authn request.

      • 05.07.2017 23:32:03.085 *WARN* [qtp535806943-31835] com.adobe.granite.auth.saml.SamlAuthenticationHandler Could not retrieve SP's private key: Uninitialised key store for user authentication-service

ASK?

  • What could be causing above errors? How to resolve them?
  • Any known SSO bug with AEM 6.1?

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar
Validate 1
Level 2
gurub46428210
Level 2

Likes

9 likes

Total Posts

19 posts

Correct reply

2 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 1
View profile

Avatar
Validate 1
Level 2
gurub46428210
Level 2

Likes

9 likes

Total Posts

19 posts

Correct reply

2 solutions
Top badges earned
Validate 1
Boost 5
Boost 3
Boost 1
Affirm 1
View profile
gurub46428210
Level 2

12-07-2017

Thanks.

I'm able to resolve the issue. I made changes few changes - (1) Apache config changes (2) Author & groups permissions were missing.

Answers (1)

Answers (1)

Avatar

Avatar
Validate 1
Level 8
MC_Stuff
Level 8

Likes

78 likes

Total Posts

467 posts

Correct reply

158 solutions
Top badges earned
Validate 1
Boost 50
Boost 5
Boost 3
Boost 25
View profile

Avatar
Validate 1
Level 8
MC_Stuff
Level 8

Likes

78 likes

Total Posts

467 posts

Correct reply

158 solutions
Top badges earned
Validate 1
Boost 50
Boost 5
Boost 3
Boost 25
View profile
MC_Stuff
Level 8

11-07-2017

Hi Guru,

   None of the log message you mentioned is nothing to worry about.  Issue sounds to be different that saml.

Enable debug on   com.adobe.granite.auth.saml.SamlAuthenticationHandler and then repeat the test case and send us logs, osgi config snapshot and har file.  Generating HAR files and Analyzing Web Requests - Atlassian Documentation

Thanks,