Hi Team,
I am facing issue with multiple SAML configuration for our project with one IDP certificate.
I follow the steps mentioned in the link below but no Luck.
On successful authentication , it redirects to http:localhost/saml_login instead of the path configured in the Assertion Consumer URL i.e. http:localhost/content/abc/saml_login
What can be the issue or is there any configuration which needs to be done to handle multiple domain with multiple SAML configuration ?
Thanks in advance
Views
Replies
Total Likes
You need to configure the same Assertion Consumer URL on the OKTA side. Sometimes it's labeled as destination URL. Assertion URL in AEM should match with what's set on the OKTA.
Hi Jaideep,
Thank you for sharing more insight.
Yes I already put the Assertion Consumer URL on the OKTA side but still it redirect to default saml_login.
Do you see anything things which needs to be looked upon. ?
Thank you
Views
Replies
Total Likes
Can you check if path property is set as per the ACS:
If path: / then ACS should be <SP>/saml_login
If the path: /content then ACS should be <SP>/content/saml_login
Check [1] for more details
Views
Replies
Total Likes
Hi,
Thank you for sharing such a nice document.
I followed all the steps still No Luck.
Actually while giving the path "/content/abc" and putting the Assertion URL path as "http://localhost:4503/content/abc/saml_login" in SAML configuration. When I hit the path localhost:4503/content/abc.html it never redirects to IDP URL instead it render the content page.
Do you have any context why path with /content/abc not working and redirecting it to OKTA page for authentication. ?
Thanks
Views
Replies
Total Likes
Reading the description, it looks like the page "/content/abc.html" does not require authentication. SAML will only be triggered on the pages which anonymous does not have access to.
Also, check if you have excluded "/content/abc.html" from the authentication requirement.
[1] http://<host>:<port>/system/console/configMgr/org.apache.sling.engine.impl.auth.SlingAuthenticator
Views
Replies
Total Likes
It is not excluded in the path . " http://<host>:<port>/system/console/configMgr/org.apache.sling.engine.impl.auth.SlingAuthe nticator
Still need to find the solution.
Thank you
Views
Replies
Total Likes
Views
Like
Replies
Views
Like
Replies
Views
Likes
Replies