AEM 6.5 Assets - SAML2.0 'Assertion Consumer Service URL' Property

Question

Hi,We have configured Adobe Granite SAML 2.0 Authentication Handler property "Assertion Consumer Service URL" with value like "http:///ssouser/saml_login" in osgi console. With this configuration we were successfully integrated and authenticated users. One fine day SSO login stops working(login page stops redirecting to SSO page) and we have seen in repository there were two nodes created with the same name & structure that "Assertion Consumer Service URL" property has. This created node has only 'jcr:primaryType' property. Assertion Consumer Service URL in SAML2.0 config= http:///ssouser/saml_loginNode created in repository = /ssouser/saml_login After removing this node from repository, login page start redirecting to SSO page successfully.Just wanted to know, how this node has been created in repository? How we can restrict this node creation in repository? Thanks.

arunpatidar · Accepted Answer

Hi,I am not sure why SSO stop working and instead of node is created but when you make a request to any AEM url with POST, it looks for resource(page, external url etc) if recourse does not found then default sling post servlet get called and created the nodes and properties.So when node is created, AEM able to find local sling resourec and redirection to SSO stopped working.https://sling.apache.org/documentation/bundles/manipulating-content-the-slingpostservlet-servlets-post.html

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded