...
I am using JIRA or Confluence. In the SAML Single Sign process i will be redirected to the Identity Provider and successful authenticated. If I am returned from the Identitiy provider to JIRA/Confluence I get the error message
. I tried to access my JIRA main URL https://<jira-URL>, /login.jsp, /default.jsp, /secure/Dashboard.jspa and /secure/MyJiraHome.jspa but im always end up on the normal login page.
Solution
The "Enable SSO Redirect" is working with the "Force SSO URLs" field. That means that the plugin is only redirecting requests to URLs matching the regular expressions from the Force SSO URLs. To ensure that your main and all normal login URLs will be redirected, please check if the "Force SSO URLs" has included the default values:
/default.jsp
/secure/Dashboard.jspa
/secure/MyJiraHome.jspa
You also can delete the whole "Force SSO URLs" field and save the plugin configuration to restore the default values.:
Processing saml failed: com.resolution.samlprocessor.SAMLProcessorException: Assertion signature validation failed
Solution
- The most occurring reason for this error is because the wrong token signing certificate is used. Please check if the right certificate from your identitiy provider is included in the "IdP Token Signing Certificate" field from your plugin configuration.
- It could be that your JIRA/Confluence system is use a wrong encoding e.g. "ANSI_X3.4-1968". With the wrong system encoding the certificate cant be decoded properly. As solution you can change your encoding back to the standard value "UTF-8" with follwing steps:
- On the <jira/confluence-install>/bin (or <tomcat-home>/bin for JIRA/Confluence WAR installations) directory, open the setenv.sh(Linux)/setenv.bat(Windows) file.
- Add the line: JVM_SUPPORT_RECOMMENDED_ARGS="-Dfile.encoding=utf-8" and save it.
- Restart JIRA/Confluence.
Related articles
| Filter by label (Content by label) | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
...