000018143 - What causes: SAMLException: No assertion associated with artifact

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000018143
Applies To

RSA Federated Identity Manager (FIM) 2.5


RSA Federated Identity Manager (FIM) 2.6


All OS

Issue

What can cause: SAMLException: No assertion associated with artifact


FIM is the AP in this scenario with an unknown RP


In the FIM debug.log:

 

2006-09-16 21:29:52,193 FATAL - exception:

com.rsa.csf.techservice.saml.opensaml.SAMLException: No assertion associated with artifact

                at com.rsa.csf.clientservice.saml.SamlRequestProcessorServiceBean.retrieveAssertionsByArtifact(Lcom.rsa.csf.techservice.saml.table.SamlAssertionTableProxy;Lcom.rsa.csf.techservice.saml.signature.XMLSecurityProvider;[Lcom.rsa.csf.techservice.saml.opensaml.SAMLAssertionArtifact;)[Lcom.rsa.csf.techservice.saml.opensaml.SAMLAssertion;(Unknown Source)

Cause

This message can be caused when the RP receives back a different assertion ID then what was sent by the AP


Request for the same artifact a second time by the RP will also cause this error

Resolution

Look at the code on the RP side to determine if the RP is requesting the same artifact twice.  If it is RSA FIM, put the FIM server in debug mode.

By using the FIM debug.log log, you can compare what the assertion ID is sent and what assertion ID the RP is processing.

Legacy Article IDa32114

Attachments

    Outcomes