Highlighted

Azure AD Single Sign On Issue - User ID is incorrect

koichik40102685

19-09-2018

I tried to integrate AEM with Azure AD and configure Single Sign On -

https://docs.microsoft.com/en-US/azure/active-directory/saas-apps/adobeexperiencemanager-tutorial

https://helpx.adobe.com/experience-manager/6-4/sites/administering/using/saml-2-0-authenticationhand...

In "Adobe Granite SAML 2.0 Authentication Handler" settings, I checked "Autocreate CRX Users".

I added a user to Azure AD, and tested the user was signed in AEM,

Then it was successfully signed in and AEM user was automatically created, but userid was encrypted... 

uX6J0/N2Q0eoGR5wSdFQrM89ZbqaO6dHamh8SD/S8dM=

I opened another browser, and tested same user, then another user was created in AEM.

I confirmed the SAML response data with FireFox SAML Tracer add-on, it seemed that it was normally returned,

Mail address and upn data and so on were contained with SAML format.

But I configured a logger for SAML in AEM, a following message is written in SAML log:

19.09.2018 17:30:06.797 *DEBUG* [qtp2142656484-3363] com.adobe.granite.auth.saml.SamlAuthenticationHandler Private key of SP not provided: Cannot sign Authn request.

Please point me where I missed (SAML 2.0 Authentication Handler? Certification or Trusted Store? Or any other settings?)

Best regards

Koichi

Replies