SOLVED

AEM 6.1 Single-Sign-On(SSO) with OKTA

gurub46428210
Level 3

What problem are we solving?

Configure AEM 6.1 to allow authors to log in to /projects.html using OKTA.

What's done?

Configured the AEM 6.1 author per the steps specified in the document: http://www.aemstuff.com/blogs/july/saml.html

Have we done OKTA integration with AEM 6.1?

Yes; it's working in our Production environment. We created a new test environment from scratch, and OKTA SSO is not working for the new author environment.

Issues we are facing: Not able to log in to author using our network username & password.

  • CQ Author level:
    • Server logs:
      • 05.07.2017 23:30:45.683 *WARN* [qtp535806943-32583] com.adobe.granite.auth.saml.SamlAuthenticationHandler Private key of SP not provided: Cannot sign Authn request.

      • 05.07.2017 23:32:03.085 *WARN* [qtp535806943-31835] com.adobe.granite.auth.saml.SamlAuthenticationHandler Could not retrieve SP's private key: Uninitialised key store for user authentication-service

ASK?

  • What could be causing the above errors? How do we resolve them?
  • Any known SSO bug with AEM 6.1?
1 Accepted Solution
gurub46428210
Correct answer by
Level 3

Thanks.

I'm able to resolve the issue. I made a few changes: (1) Apache config changes; (2) Author & groups permissions were missing.

2 Replies
MC_Stuff
Level 9

Hi Guru,

None of the log messages you mentioned are anything to worry about. The issue sounds to be different than SAML.

Enable debug on com.adobe.granite.auth.saml.SamlAuthenticationHandler, then repeat the test case and send us the logs, an OSGi config snapshot and a HAR file (see "Generating HAR files and Analyzing Web Requests" in the Atlassian Documentation).

Thanks,
