Expand my Community achievements bar.

AEM cloud | Azure SSO SAML login failure

Avatar

Level 2
Level 2
7/6/22 2:36:34 AM

Hi Folks,

 

I am integrating Azure SSO in AEMAaCS publish instance. 

After doing all setup I am getting one last exception 

 

*ERROR* [FelixLogListener] LogService.org.apache.felix.http.jetty Exception while processing request to /saml_login (org.apache.felix.log.LogException: java.lang.SecurityException: javax.jcr.PathNotFoundException: keystorePassword not found on /etc/truststore)

 

All changes like dispatcher, SAML authentication handler, referrer filter, sling auth configurations etc are done as per the need. I installed and took the certificate package from local AEM instance and deployed as part of cloud manager pipeline. 

 

Could you please help me to resolve this issue in cloud publish instance. Appreciate the help.

 

Thanks,

Pradeep

Views

1.4K

Replies

8
Sign in to like this content

Total Likes

Translate
Translate
8 Replies

Avatar

Level 2
Level 2
7/6/22 3:28:15 AM
In response to arunpatidar

Hi,

 

Those issues/solutions were identified either on prem or AMS. Where admin user can directly upload the certificates manually and create trust store or key store. We are using cloud.

I think the issue could be keystore(in my case it is truststore) password is not same what I used in local when creating the truststore. Or is it a permission issue to the group where user is getting added after successful authentication?

Views

1.4K

Replies

6
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 4
Level 4
7/6/22 11:26:27 PM
In response to pradeepdubey

Hi, you can follow steps below :-

  • Navigate to Tools > Security > Users  on author . Look  for “authentication-service” user.
  • In the keystore tab, click on “Create Keystore” with a password.
  • Save the changes for the user and activate
  • Navigate to Tools > Deployment > Distribution , open Publish configuration
    In the Distribute tab, select the path “/etc/truststore” and select the add tree and replicate.

in saml config file - "keyStorePassword": ""

Views

1.4K

Replies

5
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
7/7/22 4:48:49 AM
In response to digarg31

After following all steps. I am seeing below exception in cloud publish aemerror log

LogService.org.apache.felix.http.jetty Exception while processing request to /saml_login (org.apache.felix.log.LogException: java.lang.SecurityException: com.adobe.granite.crypto.CryptoException: Cannot convert byte data)

Views

1.4K

Replies

2
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Employee
Employee
7/7/22 7:21:07 AM
In response to digarg31

@pradeepdubey could you please try removing the "keystore" node under /home/users/system/.... and recreate the keystore.

Views

1.4K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
7/7/22 7:51:36 AM
In response to jalaja

In the cloud environment crx/de access is disabled. Also dev console repository browser is not allowing anything to delete, that is just read only. 

Views

1.3K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Adobe Developers Live, November 2024, Session | Extension Manager for AEM

Views

201

Likes

0

Replies

0
Adobe Developers Live, November 2024, Session | Bringing AI and Personalization to AEM Edge Delivery Services

Views

225

Likes

0

Replies

0
Rejection flow in AEM translation Project

Views

119

Likes

0

Replies

0
Adobe Developers Live, November 2024, On-Demand Session | Energizing Adobe Commerce with AEM Assets and Gen AI

Views

122

Likes

0

Replies

0
Adobe Developers Live, November 2024, On-Demand Session | CDN & WAF configuration in AEM Cloud Service

Views

149

Likes

0

Replies

0