Expand my Community achievements bar.

Enhance your AEM Assets & Boost Your Development: [AEM Gems | June 19, 2024] Improving the Developer Experience with New APIs and Events

AEM 6.5.12/15 SAML 2.0 Authentication Handler - Not redirecting

Avatar

Level 2

Hello everyone

I have configured the SAML2.0 following https://experienceleague.adobe.com/docs/experience-manager-65/administering/security/saml-2-0-authen... the ipd login page loads and send the post, then when the  http://localhost:4503/content/xxx/saml_login is handled 

gives me this response:

qath_0-1678386588451.png

09.03.2023 19:46:02.576 *DEBUG* [qtp965154916-494780] org.apache.sling.auth.core.impl.SlingAuthenticator setAttributes: ResourceResolver stored as request attribute: user=admin
09.03.2023 19:46:33.765 *DEBUG* [qtp965154916-494880] org.apache.sling.auth.core.impl.HttpBasicAuthenticationHandler forceAuthentication: Not forcing authentication because request parameter sling:authRequestLogin is not set
09.03.2023 19:46:33.765 *DEBUG* [qtp965154916-494880] org.apache.sling.auth.core.impl.SlingAuthenticator getAuthenticationInfo: no handler could extract credentials; assuming anonymous
09.03.2023 19:46:33.766 *DEBUG* [qtp965154916-494880] org.apache.sling.auth.core.impl.SlingAuthenticator doHandleSecurity: No credentials in the request, anonymous
09.03.2023 19:46:33.766 *INFO* [qtp965154916-494880] org.apache.sling.auth.core.impl.SlingAuthenticator getAnonymousResolver: Anonymous access not allowed by configuration - requesting credentials
09.03.2023 19:46:33.766 *DEBUG* [qtp965154916-494880] org.apache.sling.auth.core.impl.SlingAuthenticator login: requesting authentication using handler: com.adobe.granite.auth.saml.SamlAuthenticationHandler@2b7a2638
09.03.2023 19:46:33.777 *DEBUG* [qtp965154916-494880] com.adobe.granite.auth.saml.SamlAuthenticationHandler Private key of SP not provided: Cannot sign Authn request.
09.03.2023 19:46:33.777 *WARN* [qtp965154916-494880] org.apache.sling.auth.core.AuthUtil isRedirectValid: Redirect target must not be empty or null
09.03.2023 19:46:47.280 *DEBUG* [qtp965154916-494780] org.apache.sling.auth.core.impl.SlingAuthenticator doHandleSecurity: Trying to get a session for null
09.03.2023 19:46:47.287 *DEBUG* [qtp965154916-494780] org.apache.sling.auth.core.impl.SlingAuthenticator setAttributes: ResourceResolver stored as request attribute: user=admin
09.03.2023 19:46:57.899 *DEBUG* [qtp965154916-494880] org.apache.sling.auth.core.impl.SlingAuthenticator doHandleSecurity: Trying to get a session for null
09.03.2023 19:46:57.901 *DEBUG* [qtp965154916-494880] org.apache.sling.auth.core.impl.SlingAuthenticator setAttributes: ResourceResolver stored as request attribute: user=admin
09.03.2023 19:46:57.903 *DEBUG* [qtp965154916-485112] org.apache.sling.auth.core.impl.SlingAuthenticator doHandleSecurity: Trying to get a session for null
09.03.2023 19:46:57.904 *DEBUG* [qtp965154916-485112] org.apache.sling.auth.core.impl.SlingAuthenticator setAttributes: ResourceResolver stored as request attribute: user=admin
09.03.2023 19:48:58.069 *DEBUG* [qtp965154916-494880] org.apache.sling.auth.core.impl.SlingAuthenticator doHandleSecurity: Trying to get a session for null
09.03.2023 19:48:58.076 *DEBUG* [qtp965154916-494880] org.apache.sling.auth.core.impl.SlingAuthenticator setAttributes: ResourceResolver stored as request attribute: user=admin
09.03.2023 19:49:59.301 *DEBUG* [qtp965154916-494804] org.apache.sling.auth.core.impl.SlingAuthenticator doHandleSecurity: Trying to get a session for null
09.03.2023 19:49:59.321 *DEBUG* [qtp965154916-494804] org.apache.sling.auth.core.impl.SlingAuthenticator setAttributes: ResourceResolver stored as request attribute: user=admin

Thanks!

 

2 Replies

Avatar

Community Advisor

Hi  

 

The error in the screenshot you attached is a warning/error the browser is triggering because of the HTTP protocol, and it is not by AEM. As it is in your local, you can try disabling the "The information you're about to submit is not secure" by following this article - https://techcult.com/enable-or-disable-not-secure-warning-in-google-chrome/ 

 

After disabling the Secure Warning, if you still have an issue with the saml_login end-point, respond with the error log messages. The error log messages you mentioned in the question are unrelated, as the saml_login POST call didn't hit the AEM publish instance. 

 

Thanks,

Lokesh

Avatar

Level 2

Thanks for the lead @Lokesh_Vajrala  i have tried to allow unsecure content in local environment but it's not working.

The link you send me present some configurations that i can´t find in google and the plugin https is no longer available, the ones i found are de following:

qath_3-1678646365828.png

 

qath_1-1678646205218.png

qath_2-1678646261513.png

Any other idea?

Thanks