You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Raj (JIRA)" <ji...@apache.org> on 2019/01/31 10:18:00 UTC

[jira] [Created] (FEDIZ-236) Geeting HTTP 401 error on first login using SAML

Raj created FEDIZ-236:
-------------------------

             Summary: Geeting HTTP 401 error on first login using SAML 
                 Key: FEDIZ-236
                 URL: https://issues.apache.org/jira/browse/FEDIZ-236
             Project: CXF-Fediz
          Issue Type: Bug
          Components: Plugin
    Affects Versions: 1.4.5
         Environment: # ISAM ( IBM ) as an IDP 
 # Tomcat as JVM container
            Reporter: Raj


Hello 

I recently used FEDIZ plugin on tomcat for 1 basic JAVA application . MY config is 
 # ISAM ( IBM ) as an IDP 
 # Tomcat as JVM container

After configuring the FEDIZ , The request goes to IDP --> I get login page --> After successful login request gets to tomcat again with proper SAML response but I get HTTP 401 ERROR on browser . If I again enter the URL on same opened webpage I can access the application . 

 

On analyzing the FEDIZ code I saw this 

{{ _protected void resumeRequest(HttpServletRequest request, HttpServletResponse response)_}}
{{ _throws IOException_}}
{{ _{_}}
{{ _String contextId = request.getParameter("wctx");_}}
{{ _if (contextId == null)_}}
{{ _{_}}
{{ _LOG.warn("The 'wctx' parameter has not been provided back with signin request.");_}}
{{ _response.sendError(401);_}}
{{ }}}

 

I cheeked the Jira dashboard  and saw that there was some discussion saying that the IDP must pass the wctx  parameter as well in the SAML response . 

Is it really true ??  , because my ISAM ( IDP ) is not currently passing any thing like this . Do I just have to pass it as an attribute in the SAML response ?? Or is there any other way to get it working . 

 



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)