
AEM 6.3 SAML Integration


Level 1

We are trying to integrate AEM 6.3 with SecureAuth SAML.

We are following the instructions in SAML 2.0 Authentication Handler.

When we follow the instructions for the TrustStore Management and load the certificate file, we get the error seen below.

The file name that we are trying to load from SecureAuth is certificate.wse3.cer

SAML_Snapshot.png

Also, we'd like to understand what values to put for UserId Attribute and Group Membership in the SAML 2.0 Authentication Handler configuration,

as per the instructions in Demonstration of AEM and SAML integration.

SAML_Autehnticator_Handler.png

Thank you

Ohad.

4 Replies


Employee Advisor

Most likely the certificate is invalid or in an incorrect format.

Check the logs when you are trying to upload the certificate for more details.

User-ID Attribute: Check this with the IDP team on which attribute will contain the user ID as part of SAML response. Then, update that attribute name here.

Group Membership: Check this with the IDP team on which attribute will contain the list of CRX groups this user should be added to as part of SAML response. Then, update that attribute name here.


Level 2

Hi Smacdonald,

I followed the instructions and tried to make it work for http://localhost:4502, but it doesn't work. It's weird that it works for 4503 (Publish Instance) but not 4502 (Author Instance). Any idea?

Another issue is that when I was using the certificate provided by Integrating SAML with Adobe Experience Manager for 4503, it was OK, but when I was using the certificate downloaded from my SSOCircle account (Download the SSOCircle CA Certificate), I got "Invalid SAML Token". Any idea?

Thanks for the help.

Best Regards,

KevinH


Level 5

Hello kevinh6115,

I am checking to see if this is still an issue.

If yes, then please let me know in what sense it is not working for the author server. It's possible that in addition to the SAML configuration, your Sling Authentication Service needs some reconfiguration to make it work.

And regarding the Invalid SAML Token for SSOCircle, it's likely that the error is related to the encoding of the certificate. To solve it, basically the certificate needs to be trimmed to enter a new line every 65th column. If you look at the certificate in Shared Files - Acrobat.com, you'll see that a newline is introduced every 65th line.

I hope this helps.

Best Regards,

Aneet Arora
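
The certificate-format problems raised in this thread (a `.cer` file the TrustStore rejects, and a PEM file that needs re-wrapping) can be checked before upload. The following is an added example, not code from the thread or from Adobe: it accepts either a binary DER or a PEM file, verifies the outer DER framing only (not the full X.509 structure), and re-emits PEM with the Base64 body wrapped at 64 characters per line (the RFC 7468 convention, so the newline is the 65th character). The function names are hypothetical and `SAMPLE_DER` is constructed filler, not a real certificate.

```python
import base64
import binascii
import hashlib
import re

PEM_RE = re.compile(
    rb"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)
# Constructed sample: DER SEQUENCE framing plus filler, NOT a real certificate.
SAMPLE_DER = b"\x30\x82\x01\x00" + bytes(range(256))

def check_outer_sequence(der: bytes) -> None:
    """Cheap framing check: one ASN.1 SEQUENCE spanning the whole input."""
    if len(der) < 4 or der[0] != 0x30:
        raise ValueError("not DER: missing outer SEQUENCE tag")
    if der[1] < 0x80:                       # short-form length
        total = 2 + der[1]
    else:                                   # long-form length
        n = der[1] & 0x7F
        if not 1 <= n <= 4 or len(der) < 2 + n:
            raise ValueError("unsupported or truncated DER length")
        total = 2 + n + int.from_bytes(der[2:2 + n], "big")
    if total != len(der):
        raise ValueError("truncated certificate or trailing data")

def to_der(raw: bytes) -> bytes:
    """Accept a PEM or binary DER .cer file and return DER bytes."""
    match = PEM_RE.search(raw)
    if match:
        # Remove all whitespace so unwrapped or oddly wrapped Base64 decodes.
        b64 = re.sub(rb"\s+", b"", match.group(1))
        try:
            der = base64.b64decode(b64, validate=True)
        except binascii.Error as exc:
            raise ValueError(f"PEM body is not valid Base64: {exc}") from exc
    else:
        der = raw
    check_outer_sequence(der)
    return der

def to_pem(der: bytes, width: int = 64) -> str:
    """Re-emit the certificate with the Base64 body wrapped at `width`."""
    b64 = base64.b64encode(der).decode("ascii")
    lines = [b64[i:i + width] for i in range(0, len(b64), width)]
    return "\n".join(
        ["-----BEGIN CERTIFICATE-----", *lines, "-----END CERTIFICATE-----", ""])

def sha256_fingerprint(der: bytes) -> str:
    """Hex SHA-256 of the DER bytes, for comparison with the IdP's value."""
    return hashlib.sha256(der).hexdigest()
```

Comparing `sha256_fingerprint()` of the normalized file against the fingerprint published by the identity provider confirms that re-wrapping changed only the layout, not the certificate being trusted.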