Question

2
Replies
102
Views
SomitC37 Member since 2013 6 posts
Capgemini
Posted: April 6, 2017
Last activity: April 8, 2017
Closed

Assertion service POST immediately followed by Assertion service HTTP GET

Hi -

We are trying to implement SSO based on SAML2.0 ( SP initiated) where PingFederate is the IDP. After successful authentication from the IDP, the AssertionService URL is correctly invoked by IDP using POST and a proper SAMLResponse is also sent as POST data (can be traced using SAML tracer in firefox) the problem is that from the SAML tracer we can find the POST is immediately getting followed up another HTTP GET with same AssertionService URL without any query parameters and hence the pyACSPOSTBodyContent is not set while the REST service activity runs and hence goes to error step.

We have raised the issue with Customer's SSO team to debug if the GET is initiated somehow from the IDP end but in the mean while also wanted to verify whether anybody else has faced the same problem and whether it is a Pega version specific problem. We are using Pega 7.2.2. Below are the SAML setup details.

IDP Login (SSO) protocol binding: HTTP Redirect.

SP login protocol binding : HTTP POST

***Updated by Moderator: Marissa to update categories***

Security
Moderation Team has archived post
Share this page LinkedIn