Identity Provider-initiated SSO was failing with the error below:
Error:[2015-08-21T21:41:10.579+10:00] [wls_oif1] [ERROR] [FED-10107] [oracle.security.fed.eventhandler.profiles.idp.sso.v20.AuthnRequestEventHandler] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId:] [ecid: 0057T2yXfUlAtHWVLyyGOA0003DH000j6^,0:3] [APP: OIF#11.1.1.2.0] [URI: /fed/user/authnoam] Federation does not exist: cannot complete the requested operation
Product: Oracle Identity Federation
The problem is specific to Persistent Name ID Format.
Solutions:
In the case of the Persistent Name ID Format, always perform an SP-initiated SSO, and make sure the SP sets AllowCreate=true in the SAML AuthnRequest sent to Oracle Identity Federation. This creates a federation record for the user, and thereafter IdP-initiated SSO works.
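To confirm what the SP is actually sending, the following added example (not from the original post or from Oracle) decodes a SAMLRequest captured from the HTTP-Redirect binding and checks its NameIDPolicy for the persistent format and AllowCreate. The function names, the sample request and the sp.example.com issuer are constructed for illustration.

```python
import base64
import zlib
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"

def decode_redirect_binding(saml_request: str) -> bytes:
    """Decode an already URL-decoded SAMLRequest: base64, then raw DEFLATE."""
    return zlib.decompress(base64.b64decode(saml_request), -15)

def check_authn_request(xml_bytes: bytes) -> list:
    """Return the problems that would prevent creation of a persistent
    federation record; an empty list means the request looks right."""
    root = ET.fromstring(xml_bytes)  # use a hardened parser for untrusted input
    if root.tag != f"{{{SAMLP}}}AuthnRequest":
        return ["root element is not samlp:AuthnRequest"]
    policy = root.find(f"{{{SAMLP}}}NameIDPolicy")
    if policy is None:
        return ["no NameIDPolicy element"]
    problems = []
    if policy.get("Format") != PERSISTENT:
        problems.append("NameIDPolicy Format is not persistent")
    # AllowCreate is an xs:boolean and defaults to false when omitted.
    if policy.get("AllowCreate", "false").strip() not in ("true", "1"):
        problems.append("AllowCreate is not true")
    return problems

def sample_request(allow_create_attr: str) -> bytes:
    # Constructed sample request; ID, timestamp and issuer are made up.
    return (
        f'<samlp:AuthnRequest xmlns:samlp="{SAMLP}" ID="_constructed1" '
        'Version="2.0" IssueInstant="2015-08-21T11:41:10Z">'
        '<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">'
        'https://sp.example.com/metadata</saml:Issuer>'
        f'<samlp:NameIDPolicy Format="{PERSISTENT}"{allow_create_attr}/>'
        '</samlp:AuthnRequest>'
    ).encode()

def redirect_encode(xml_bytes: bytes) -> str:
    # Inverse of decode_redirect_binding, used only to build the sample input.
    c = zlib.compressobj(wbits=-15)
    return base64.b64encode(c.compress(xml_bytes) + c.flush()).decode()

if __name__ == "__main__":
    for attr in (' AllowCreate="true"', ' AllowCreate="false"', ""):
        raw = decode_redirect_binding(redirect_encode(sample_request(attr)))
        print(repr(attr), "->", check_authn_request(raw) or "OK")
```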
2 comments:
The information provided was extremely useful and informative. Thanks a lot for useful stuff..
IT Infrastructure Management
I like the way you start and then conclude your thoughts. Thanks for this nice information.
IT Infrastructure Management