Expand my Community achievements bar.

Adobe Summit 2025: AEM Session Recordings Are Live! Missed a session or want to revisit your favorites? Watch the latest recordings now.
Watch Now!

Mark Solution

This conversation has been locked due to inactivity. Please create a new post.

SOLVED

After logging in IDP through SAML auth IDP POST to /saml_login URL returns 403 response

Avatar

Level 2
Level 2
3/8/23 12:42:49 AM

SAML Authentication configured by following this guide:

https://wttech.blog/blog/2019/how-to-setup-aem-publish-saml-authentication-using-okta

 

and after logging in IDP the POST request to configured URL returns unauthorized 403.

http://aem-publish-host/content/......./login.html

 

Dispatcher has a filter configured to allow POST request on given path 

/0053 { /type "allow" /method "POST" /url "*/login.html" } # allow post for SAML

 

What other options are there to investigate? 

Thanks

 

 

Views

910

Replies

4
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 2
Level 2
3/8/23 8:40:33 AM
In response to Albin_Issac

andrija_sm_0-1678292719364.png

Thanks, I've added "Allow Empty" referrer according to the link you kindly provided. This cleared the 403 error.

However now - accessing login.html enters into a loop of constantly redirecting to sso/saml IDP login page.

There is nothing in SAML logs:

08.03.2023 15:40:22.581 *INFO* [CM Event Dispatcher (Fire ConfigurationEvent: pid=com.adobe.granite.auth.saml.SamlAuthenticationHandler.f94668b4-8ce0-483a-98d0-46025b2c2cd6)] com.adobe.granite.auth.saml Service [com.adobe.granite.auth.saml.SamlAuthenticationHandler.f94668b4-8ce0-483a-98d0-46025b2c2cd6,80376, [org.apache.sling.auth.core.spi.AuthenticationHandler]] ServiceEvent REGISTERED

 

View solution in original post

Views

849

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
4 Replies

Avatar

Community Advisor
Community Advisor
3/8/23 2:38:07 AM

Please check dispatcher rules for SAML

https://techrevel.blog/2021/02/01/configuring-aem-for-single-sign-on-via-azure-ad/ 

Arun Patidar

AEM LinksLinkedIn

Views

888

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 2
Level 2
3/8/23 5:55:09 AM
In response to arunpatidar

Thanks Arun, for the quick reply. Unfortunately no new information on that resource.

Views

864

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Community Advisor
Community Advisor
3/8/23 7:07:14 AM

The 403 issues can be triggered when the Referrer Filter rejects the request; you may need to configure the Referrer Filter based on the IDP configurations.

Refer to Exceptions/Issues while configuring SAML Authentication Handler - Adobe Experience Manager(AEM) (alb... for more details.

Regards

Albin

https://www.albinsblog.com

 

Views

855

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Level 2
Level 2
3/8/23 8:40:33 AM
In response to Albin_Issac

andrija_sm_0-1678292719364.png

Thanks, I've added "Allow Empty" referrer according to the link you kindly provided. This cleared the 403 error.

However now - accessing login.html enters into a loop of constantly redirecting to sso/saml IDP login page.

There is nothing in SAML logs:

08.03.2023 15:40:22.581 *INFO* [CM Event Dispatcher (Fire ConfigurationEvent: pid=com.adobe.granite.auth.saml.SamlAuthenticationHandler.f94668b4-8ce0-483a-98d0-46025b2c2cd6)] com.adobe.granite.auth.saml Service [com.adobe.granite.auth.saml.SamlAuthenticationHandler.f94668b4-8ce0-483a-98d0-46025b2c2cd6,80376, [org.apache.sling.auth.core.spi.AuthenticationHandler]] ServiceEvent REGISTERED

 

Views

850

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
is there a way to integrate graphql with Assets using a JSON file instead of a content fragment? Solved

Views

128

Likes

0

Replies

4
Monitoring Copy-Paste Operations in AEM Toolbar Solved

Views

178

Likes

0

Replies

4
Upgrading angular 9 to 19

Views

114

Likes

0

Replies

4
Lamda API call Not Returning Data to AEM Cloud Environment

Views

80

Likes

0

Replies

2
Getting SearchpathLimit Error in Logs on trying to hit few pages

Views

143

Likes

0

Replies

5