Versions Compared

Old Version 1

changes.mady.by.user Former user

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Published by Scroll Versions from space IDS and version 8.3

403 Page Not Found

A page not found error indicates that the steps described in Password application installation - SSO#Enable Password Web Application have not been completed.

HTTP Status 500

An exception containing the following line

Code Block
languagetext
javax.servlet.ServletException: com.ubisecure.saml2.sp.ServiceProviderException: CONFIG_ERROR: VirtualHostManager failed to resolve host

indicates that the application has not been activated successful.

HTTP Status 500

An exception containing the following line

Code Block
languagetext
javax.servlet.ServletException: com.ubisecure.saml2.sp.ServiceProviderException: CONFIG_ERROR: ServiceProvider: no identity provider

indicates that the identity provider metadata is not found, check Password application installation - SSO#Ubisecure Password Service Provider Activation

HTTP Status 500

An exception containing the following line

Code Block
languagetext
com.ubisecure.saml2.core.SAMLValidationException: Invalid property: Subject: SubjectConfirmation: REQUESTER, REQUESTDENIED


indicates that the parameter netmask needs to be set correctly in web.xml. An example configuration follows:

Code Block
languagetext
<servlet>
       <servlet-name>ServiceProviderServlet</servlet-name>
       <servlet-class>com.ubisecure.saml2.sp.servlet.ServiceProviderServlet</servlet-class>
       <init-param>
       <param-name>listener-class</param-name>
       <param-value>com.ubisecure.ubilogin.password.change.LoginEventListener</param-value>
       </init-param>
      <init-param>
                          <param-name>netmask</param-name> 
                          <param-value>0.0.0.0</param-value>
       </init-param>
       <load-on-startup>0</load-on-startup>
</servlet>

User not found

If the user definitely exists, verify that the user has the nominated authentication method activated.

Ensure the correct method is being checked by specifying the method name in the query string. For example: https://idp.example.com/password/reset?method=password.1

LDAP problem

If LDAPS connection is needed, logs will show this in debug level:

Code Block
languagetext
Caused by:
javax.naming.OperationNotSupportedException: [LDAP: error code 53 - Unwilling
To Perform] [Root exception is LDAPException: Unwilling To Perform (53)
Unwilling To Perform

LDAPException:
Server Message: 00002077: SvcErr: DSID-03190E49, problem 5003
(WILL_NOT_PERFORM), data 0