on 09-29-2018 7:04 AM
Dear colleagues,
We have configured SP initiated SSO Fiori with ADFS IDP.
We are getting below error in the logs,
CX_SAML20_ASSERTION: Attribute 'SessionIndex' of element 'AuthnStatement' does not exist. Long text: Attribute 'SessionIndex' of element 'AuthnStatement' does not exist.
Please provide the inputs to fix the issue.
Regards,
Sree
<--Please don't be surprised if no one answers-->
Because lately, I read such questions... In general, if you want to get reliable answers from experts here and you don't use google to check for similar issues, at least please take your time and provide more details.
Without information like:
it will hardly be possible to provide a meaningful answer.
A look into my "magic ball" tells me it could be "something" related to a misconfigured rule inside the ADFS relying party configuration. Mostly the "NameID" claim is missing in the assertion issued by the IdP, at least that is what good old Google told me (first search result). Use the SAML2 diagnostic tool - it provides very much details …/sap/bc/webdynpro/sap/sec_diag_tool?sap-client=xxx
Cheers, Carsten
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Carsten,
The scenario is SSO set up for C4C with MS ADFS. The basic configuration is completed.
Below is the error after the user id and password has been provided in the SSO URL of C4C.
Do you know what could be causing this issue ? Also how do we identify the issue logs in C4C systems for SSO ?
CX_SAML20_CORE: The validation of message 'Response' failed. Long text: The validation of message 'Response' failed.
at CL_SAML20_RESPONSE->VALIDATE_ASSERTION(Line 48)
at CL_SAML20_RESPONSE->VALIDATE(Line 81)
at CL_SAML20_SSO->VALIDATE_RESPONSE(Line 78)
at CL_HTTP_SAML20->PROCESS_LOGON(Line 187)
at CL_ICF_SAML_LOGIN->PROCESS_LOGON(Line 64)
at CL_HTTP_SERVER_NET->AUTHENTICATION(Line 2380)
Caused by: CX_SAML20_ASSERTION: Attribute 'SessionIndex' of element 'AuthnStatement' does not exist. Long text: Attribute 'SessionIndex' of element 'AuthnStatement' does not exist.
at CL_SAML20_ASSERTION->VALIDATE_ASSERTION(Line 91)
at CL_SAML20_RESPONSE->VALIDATE_ASSERTION(Line 41)
at CL_SAML20_RESPONSE->VALIDATE(Line 81)
at CL_SAML20_SSO->VALIDATE_RESPONSE(Line 78)
at CL_HTTP_SAML20->PROCESS_LOGON(Line 187)
at CL_ICF_SAML_LOGIN->PROCESS_LOGON(Line 64)
at CL_HTTP_SERVER_NET->AUTHENTICATION(Line 2380)
Any help is much appreciated.
Thanks & Regards,
Vaidya
User | Count |
---|---|
90 | |
10 | |
10 | |
10 | |
7 | |
7 | |
6 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.