Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

Adobe Summit 2023 [19th to 23rd March, Las Vegas and Virtual] | Complete AEM Session & Lab list

SamlAuthenticationHandler Unknown reason found: User name and password do not match


Level 2

Hi there, 


i'm trying to implement a new SAML configuration into our environment. Here you have the situation:


1. There are already 4 sites using SAML authentication working perfectly

2. They are using the same service (ADFS)

3. A new site needs to be securised and users need to login by using ADFS 

4. SAML configuration for 5 sites are using exactly the same cert (trustore), and key store set to the authentication-service. 

5. Node protected in new site has been modified to be granite:AuthenticationRequired

6. ADFS is showing ok by the saml Authentication Service and users are able to type their credentials


An error is shown in browser 



Part of SAML response is the next one: 


<samlp:Response ID="_74b90e0f-c87e" Version="2.0" IssueInstant="2020-08-11T17:22:10.886Z" Destination="" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"> <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion"></Issuer> <samlp:Status> <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" /></samlp:Status>


Actually I can see AttributeStatements


Into AEM by coonfiguring the log level to debug using com.adobe.granite.auth.saml you'll find jus this log:


11.08.2020 17:22:07.241 *WARN* [qtp1102776891-15961] com.adobe.granite.auth.saml.SamlAuthenticationHandler Unknown reason found: User name and password do not match


Configuration in dispatcher is enabling POST to saml_login and all rules are similar prepared as the other 4 working sites. 


Do you have an idea on what could it be wrong? 


AEM 6.5.5




0 Replies