Vivek Singh (VivekS60)
Telekom

Posted: November 20, 2019
Last activity: December 2, 2019
Closed

RelayStateID - Password is wrong

We are getting exceptions while performing SSO using SAML 2.0. We tried to reproduce this while performing SSO for an individual user but did see any exceptions.

Also, in the load test, all the users used as test data had valid passwords and accounts in our IDP server.

Below are 2 types of exception we are getting:

1)

2019-10-31 11:03:09,887 [jp-nio-30009-exec-11] [ STANDARD] [ ] [ PegaRULES:07.10] (uthorization.KeystoreEntryData) ERROR <URL>|<IPAddress>|RelayStateID: 23c4c3e7-0bf9-4f3a-bc6c-18e23aa0639c :RelayStateID - Password is wrong

2)

2019-10-31 11:03:16,568 [ajp-nio-30009-exec-4] [ STANDARD] [ ] [ PegaRULES:07.10] ( internal.util.PRSAMLv2Utils) ERROR <URL>|<IPAddress>|Rest|WebSSO|SAML|v2_assertionconsumerservice27d966ed6057ae45375fdfa98b29416f|A0JP7ZQ2U6MAZTUMOVHBFLCZO8U9LYPFJ|RelayStateID:e89cce7c-19b9-4fd8-8678-97308e3cfcef:RelayStateID - Caught Exception while validating SAML2 Authentication response for SSO profile : Request Id doesnt match Inresponse to field of SAML assertion,Possibility of a security breach.

Please provide reasons if any of you have faced a similar exception or are aware of what might be the root cause of these exceptions.

Security