SAML Troubleshooting - ABO - Reference Guides

Back Office Configuration Guide

Product: ABO
AFS_Version: 7.11
Category: Reference Guides
Language: English
Audience: public

SAML is a complex authentication protocol. Configuring an application to use a SAML identity provider requires many steps. The slightest error in the configuration can prevent the SAML connection from working.

Remember that for any trouble regarding integration with an ADFS SAML implementation, you can refer to the following set of rules that must be respected for the integration to work.

When the Service Provider is not able to decode a SAML response, the following log files should provide more information:

  • /usr/local/afs7/logs/daemon/fluidtopics.log contains the whole Fluid Topics output, including all errors encountered by the server.
  • /usr/local/afs7/Fluid-Topics/web/logs/$SERVICE_ID-$SERVICE_STATUS.log contains only the error messages encountered with the service_number/service_status tenant.

In the log files, SAML errors often start with org.pac4j.saml.exceptions.SamlException.
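One way to triage these entries, as an added example that is not part of the product documentation: a shell function that groups `org.pac4j.saml.exceptions.SamlException` lines by message and counts them. The function names, the log line layout and the sample messages are constructed assumptions; only the exception class name comes from this page.

```shell
#!/bin/sh
# Added example: summarise pac4j SAML exceptions found in a log file.
# Usage: saml_errors /usr/local/afs7/logs/daemon/fluidtopics.log

SAML_EXC='org.pac4j.saml.exceptions.SamlException'

# Print "count<TAB>message" for each distinct SamlException message,
# most frequent first. The class name is matched as a literal string
# anywhere in the line, so the timestamp/level layout does not matter.
# "Caused by:" lines of a stack trace are counted as well.
saml_errors() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    awk -v exc="$SAML_EXC" '
        {
            i = index($0, exc)              # literal match, not a regex
            if (i == 0) next
            msg = substr($0, i + length(exc))
            sub(/^:[ \t]*/, "", msg)        # drop the ": " separator
            if (msg == "") msg = "(no message)"
            count[msg]++
        }
        END { for (m in count) printf "%d\t%s\n", count[m], m }
    ' "$1" | LC_ALL=C sort -t "$(printf '\t')" -k1,1nr -k2,2
}

# Run saml_errors over constructed sample lines (layout and messages
# are made up for illustration, not real Fluid Topics output).
saml_errors_demo() {
    demo_log=$(mktemp) || return 1
    cat > "$demo_log" <<'EOF'
2024-01-01 10:00:00 ERROR org.pac4j.saml.exceptions.SamlException: constructed message A
2024-01-01 10:00:01 INFO  unrelated line
Caused by: org.pac4j.saml.exceptions.SamlException: constructed message A
2024-01-01 10:05:00 ERROR org.pac4j.saml.exceptions.SamlException: constructed message B
2024-01-01 10:06:00 ERROR org.pac4j.saml.exceptions.SamlException
EOF
    saml_errors "$demo_log"
    rm -f "$demo_log"
}
```

Source the file and call `saml_errors` on either log path listed above; the most frequent message is usually the configuration error to look at first.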

The Authentication Lifetime and Session Timeout are also a recurring issue with SAML.