Symantec Access Management

  • Private Community

  • 1.  Error in

    Posted May 08, 2015 10:59 AM

    Hi,

     

    We have configured federation using CA Secure Proxy Server and have the IDP initiated session working fine,

    When trying to do with SP initiated login, we get an 500 error Transaction failed message with the below error in the affwebserv log.

    Has anyone seen this before? Any idea what the issue is?

     

    [5280/3516][Fri May 08 2015 13:19:35][SSO.java][ERROR][sm-FedClient-02890] sm-FedClient-02890 (2ad3a140-b6ac16c6-03f47480-296f01db-1151d571-3e7, FAILED_INVALID_RESPONSE_RETURNED, , , )

    [5280/3516][Fri May 08 2015 13:21:42][SSO.java][ERROR][sm-FedClient-02890] sm-FedClient-02890 (26921db4-b5508458-a7d1f03b-088503dd-c0c2f603-78b, FAILED_INVALID_RESPONSE_RETURNED, , , )

     

    We see errors in the policy server smps log as well..

     

    [AssertionGenerator.java][ERROR][sm-FedServer-00080] preProcess() returns fatal error. <Response ID="_5ec068b3c7b058e04f9055daa4160b88127c" InResponseTo="ai896c294396ae219003267becb39b" IssueInstant="2015-05-08T13:22:00Z" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:protocol">

        <ns1:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion">https://sso.energyfutureholdings.com</ns1:Issuer>

        <Status>

            <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder"/>

            <StatusMessage>Configuration error.</StatusMessage>

        </Status>

    </Response>



  • 2.  Re: Error in

    Posted May 08, 2015 11:43 AM

    these snippets aren't enough to go on.

     

    have you tried configuring trace logging?

     

    there's an excel  workbook on here that can help you

     

     

    CA SiteMinder Logging