000033875 - Cannot access RSA SecurID Access protected SAML application due to incorrectly specified Identity Provider URL

Document created by RSA Customer Support Employee on Oct 31, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000033875
Applies ToRSA Product Set:  SecurID Access
IssueA user successfully authenticates to the application portal, but when they click on an application, an error is displayed in the portal:
 
Application appears to be improperly configured. Contact your Administrator for assistance.
Cause
The Administration Console application SAML configuration has incorrectly specified the Identity Provider URL with an incorrect upper case URL, as shown here:

Identity Provider URL field

To investigate this error, an administrator can view the IDR's /var/log/symplified/symplified.log which can be obtained as described in the article on how to Generate and Download an Identity Router Log Bundle
The symplified.log will contain an error similar to:
2016-08-25/20:21:50.901/UTC [ajp-apr-8009-exec-8] ERROR com.symplified.service.appliance.idp.IdPServlet[92] - 
Unexpected exception thrown by IdP service:
com.symplified.service.appliance.idp.AssertionCreationException:
No application associated with the request
ResolutionEnsure that the application's Identity Provider URL configuration uses a valid all lower-case hostname.

Attachments

    Outcomes