cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Fiori SSO with ADFS

Former Member

on ‎09-29-2018 7:04 AM

0 Kudos

Dear colleagues,

We have configured SP initiated SSO Fiori with ADFS IDP.

We are getting below error in the logs,

CX_SAML20_ASSERTION: Attribute 'SessionIndex' of element 'AuthnStatement' does not exist. Long text: Attribute 'SessionIndex' of element 'AuthnStatement' does not exist.

Please provide the inputs to fix the issue.

Regards,

Sree

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

Colt
Active Contributor
‎09-29-2018 8:02 AM
0 Kudos

<--Please don't be surprised if no one answers-->

Because lately, I read such questions... In general, if you want to get reliable answers from experts here and you don't use google to check for similar issues, at least please take your time and provide more details.

Without information like:

  • Environment: NW Release, ADFS version
  • Configuration steps
  • Screenshots
  • Traces

it will hardly be possible to provide a meaningful answer.

A look into my "magic ball" tells me it could be "something" related to a misconfigured rule inside the ADFS relying party configuration. Mostly the "NameID" claim is missing in the assertion issued by the IdP, at least that is what good old Google told me (first search result). Use the SAML2 diagnostic tool - it provides very much details …/sap/bc/webdynpro/sap/sec_diag_tool?sap-client=xxx

Cheers, Carsten

Show replies
Show replies
I044576
Explorer
‎10-24-2019 7:21 AM
0 Kudos

Hi Carsten,

The scenario is SSO set up for C4C with MS ADFS. The basic configuration is completed.

Below is the error after the user id and password has been provided in the SSO URL of C4C.

Do you know what could be causing this issue ? Also how do we identify the issue logs in C4C systems for SSO ?

CX_SAML20_CORE: The validation of message 'Response' failed. Long text: The validation of message 'Response' failed.
at CL_SAML20_RESPONSE->VALIDATE_ASSERTION(Line 48)
at CL_SAML20_RESPONSE->VALIDATE(Line 81)
at CL_SAML20_SSO->VALIDATE_RESPONSE(Line 78)
at CL_HTTP_SAML20->PROCESS_LOGON(Line 187)
at CL_ICF_SAML_LOGIN->PROCESS_LOGON(Line 64)
at CL_HTTP_SERVER_NET->AUTHENTICATION(Line 2380)
Caused by: CX_SAML20_ASSERTION: Attribute 'SessionIndex' of element 'AuthnStatement' does not exist. Long text: Attribute 'SessionIndex' of element 'AuthnStatement' does not exist.
at CL_SAML20_ASSERTION->VALIDATE_ASSERTION(Line 91)
at CL_SAML20_RESPONSE->VALIDATE_ASSERTION(Line 41)
at CL_SAML20_RESPONSE->VALIDATE(Line 81)
at CL_SAML20_SSO->VALIDATE_RESPONSE(Line 78)
at CL_HTTP_SAML20->PROCESS_LOGON(Line 187)
at CL_ICF_SAML_LOGIN->PROCESS_LOGON(Line 64)
at CL_HTTP_SERVER_NET->AUTHENTICATION(Line 2380)

Any help is much appreciated.

Thanks & Regards,

Vaidya

Ask a Question