Thanks.
In what encoding should be the saml response? Base64 or plain xml?
Thanks.
In what encoding should be the saml response? Base64 or plain xml?
This is what the working example looks like from my lab. I use Postman to test and this is Postman's "Code” transformation to cURL.
curl --location --request POST 'https://<igl-hostname>:<igl-port>/aveksa/command.submit?cmd=loginUser&authsource=<saml-auth-source-name>' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'SAMLResponse=<Base64-SAML-Assertion>'
Hello Mostafa,
I tried both Postman and Curl but I get the same error message in my logs:
"WARN (default task-5) [com.aveksa.server.command.LoginUserCommand] Error occurred logging user null in with authprovider saml_okta"
However, with the same user, I have succeeded to authenticate through RSA IGL IHM, via the aveksa/main url.
Here is an screenshot of my okta authentication's configuration.
Did you configure an additional IDP replying trust for this WebService endpoint as in step #2?
Yes I did it.
It finally worked for me. I made a mistake in "aveksaurl" value (authentication source configuration).
To solve the problem I replaced "https://.../aveksa/command.submit?cmd=loginUser&authsource=saml_okta" by "https://.../aveksa/command.submit"
Thank you all.
I was just about to reply saying you should remove all parameters from the aveksaurl (and similarly in your Okta configuration). Glad this is all resolved now!
I branched this to a separate question so it has can help others in the future.
Yes I did it.
It finally worked for me. I made a mistake in "aveksaurl" value (authentication source configuration).
To solve the problem I replaced "https://.../aveksa/command.submit?cmd=loginUser&authsource=saml_okta" by "https://.../aveksa/command.submit"
Thank you all.