Expand my Community achievements bar.

Radically easy to access on brand approved content for distribution and omnichannel performant delivery. AEM Assets Content Hub and Dynamic Media with OpenAPI capabilities is now GA.
Learn More
SOLVED

saml_login not found 404

Avatar

Level 4
Level 4
12/11/17 11:16:41 AM

i am trying to configure sso in aem 6.3. After IDP is redirecting to /saml_login url on aem, i am getting 404 error. In aem logs I can see below messages:

08.12.2017 17:15:18.244 *INFO* [CM Event Dispatcher (Fire ConfigurationEvent: pi                                                                             d=com.adobe.granite.auth.saml.SamlAuthenticationHandler)] com.adobe.granite.auth                                                                             .saml Service [com.adobe.granite.auth.saml.SamlAuthenticationHandler,59547, [org                                                                             .apache.sling.auth.core.spi.AuthenticationHandler]] ServiceEvent REGISTERED

08.12.2017 17:15:42.778 *DEBUG* [qtp1363622188-331043] com.adobe.granite.auth.sa                                                                             ml.SamlAuthenticationHandler Could not retrieve SP's private key: Uninitialised                                                                              key store for user authentication-service

I have added the idp public store in trust store and added alias on saml handler. Need suggestion on what could be the issue here.

Views

7.1K

Replies

9
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Level 9
Level 9
12/12/17 11:21:56 PM

Hi Rajjev,

  It might be blocked at dispatcher level. Verify the filter to allow for /saml_login.   Can you send debug logs of com.adobe.granite.auth.saml?

Thanks,

View solution in original post

Views

5.7K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
9 Replies

Avatar

Level 10
Level 10
12/11/17 1:19:04 PM

So community can attempt to reproduce your issue, please point to the online doc you are following.

Views

4.7K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 10
Level 10
12/11/17 1:41:14 PM

Also - watch this GEMS session on SAML and AEM - it may be beneficial to solving this issue -- Utilizing SAML in AEM deployments

Views

4.9K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 4
Level 4
12/11/17 2:23:25 PM

Thanks Sam. I noticed that password is not getting setup on authentication-service trust store. It is showing error message - Some error occured when setting the password.

Views

4.7K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 9
Level 9
12/11/17 10:52:24 PM

Hi Rajeev,

   Sounds you have registered to different path. At com.adobe.granite.auth.saml.SamlAuthenticationHandler configure path to /

Thanks,

Views

4.8K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 4
Level 4
12/12/17 6:19:10 AM

HI MC,

Path is / in SamlAuthenticationHandler configuration.

Views

4.7K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 4
Level 4
12/12/17 7:56:59 AM

Hi Sam,

In dispatcher logs, I can see below message

Filter rejects: POST /saml_login

I have added idp domain in referral filter. Do we need to do anything additional at dispatcher on aem instance to allow saml_login POST requests?

Views

4.7K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Level 4
Level 4
12/12/17 8:09:49 AM

Once i have allowed post request to /saml_login, it is now throwing 403 forbidden error.

Views

4.7K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate

Avatar

Correct answer by
Level 9
Level 9
12/12/17 11:21:56 PM

Hi Rajjev,

  It might be blocked at dispatcher level. Verify the filter to allow for /saml_login.   Can you send debug logs of com.adobe.granite.auth.saml?

Thanks,

Views

5.7K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
Related Conversations
Disabling publish to preview option in CF when required fields are not authored.

Views

79

Likes

0

Replies

2
Custom Event Handler is not getting triggered on click of Publish/Unpublish to Brand Portal in AEM Cloud environments

Views

84

Likes

0

Replies

2
using eclipse showing error plugin execution not covered by lifecycle configuration:

Views

76

Likes

0

Replies

1
video360_social and video360VR viewers options are not appearing.

Views

103

Likes

0

Replies

2
granite/ui/components/coral/foundation/form/pathfield field should show only rootPath pages not its child pages after browsing the dialog pathfield

Views

210

Likes

0

Replies

5