Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
BedrockMission!

Learn more

View all

Sign in to view all badges

SOLVED

AEM 6.5 Assets - SAML2.0 'Assertion Consumer Service URL' Property

Vikashyadav
Level 2
Level 2

Hi,

We have configured Adobe Granite SAML 2.0 Authentication Handler property "Assertion Consumer Service URL" with value like "http://<Host>/ssouser/saml_login" in osgi console. With this configuration we were successfully integrated and authenticated users. One fine day SSO login stops working(login page stops redirecting to SSO page) and we have seen in repository there were two nodes created with the same name & structure that "Assertion Consumer Service URL" property has. This created node has only 'jcr:primaryType' property.

 

Assertion Consumer Service URL in SAML2.0 config= http://<Host>/ssouser/saml_login

Node created in repository = /ssouser/saml_login

 

After removing this node from repository, login page start redirecting to SSO page successfully.

Just wanted to know, how this node has been created in repository? How we can restrict this node creation in repository?

 

Thanks.

 

AEM 6.5.3 AEM Assets Configuration SAML2.0
1 Accepted Solution
Arun_Patidar
Correct answer by
Community Advisor
Community Advisor

Hi,

I am not sure why SSO stop working and instead of node is created but when you make a request to any AEM url with POST, it looks for resource(page, external url etc) if recourse does not found then default sling post servlet get called and created the nodes and properties.

So when node is created, AEM able to find local sling resourec and redirection to SSO stopped working.

https://sling.apache.org/documentation/bundles/manipulating-content-the-slingpostservlet-servlets-po...

 

 

View solution in original post

3 Replies
Arun_Patidar
Correct answer by
Community Advisor
Community Advisor

Hi,

I am not sure why SSO stop working and instead of node is created but when you make a request to any AEM url with POST, it looks for resource(page, external url etc) if recourse does not found then default sling post servlet get called and created the nodes and properties.

So when node is created, AEM able to find local sling resourec and redirection to SSO stopped working.

https://sling.apache.org/documentation/bundles/manipulating-content-the-slingpostservlet-servlets-po...

 

 

View solution in original post

Vikashyadav
Level 2
Level 2

Hi Arun,

Thanks for your quick response. As part of this AEM node creation, what are the properties are associated with that created node? In my case, the created node has only one property i.e. jcr:primaryType. Does default sling post servlet create jcr:created, jcr:createdBy properties for that node?

Thanks.

 

Arun_Patidar
Community Advisor
Community Advisor
I am not sure but you can try to post a request using curl. It should create jcr:created and jcr:createdBy to the root node i.e ssouser