iOS Word -> Sharepoint -> ADFS -> Shibboleth
Waldemar Rosenfeld
waldemar.rosenfeld at apiida.com
Sat Oct 28 07:29:32 EDT 2017
Hi,
I already managed to setup an environment with Sharepoint -> ADFS -> Shibboleth and Authentication against AD with Kerberos and PasswordAuth. Works well so far.
Now we have some issues with mobile apps. Access to Sharepoint with a mobile browser like safari, chrome or firefox isn't a problem. Access with some mobile apps is problematic. The biggest issue that I am facing now are the Microsoft Office apps like Word for iOS. If I try to connect with those apps to Sharepoint, the redirect to ADFS a Sharepoint works, but after that, I get the following error in the log files:
2017-10-28 12:50:10,396 - WARN [org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler:156] - IP:[…] - Message Handler: Replay detected of message 'id-1bd8c0d8-2fd1-48d6-a263-3c3f9bc22eb9' from issuer 'http://url/adfs/services/trust'
2017-10-28 12:50:10,401 - WARN [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:202] - IP: […] - Profile Action WebFlowMessageHandlerAdaptor: Exception handling message
org.opensaml.messaging.handler.MessageHandlerException: Rejecting replayed message ID 'id-1bd8c0d8-2fd1-48d6-a263-3c3f9bc22eb9' from issuer http://url/adfs/services/trust
at org.opensaml.saml.common.binding.security.impl.MessageReplaySecurityHandler.doInvoke(MessageReplaySecurityHandler.java:157)
2017-10-28 12:50:10,418 - WARN [org.opensaml.profile.action.impl.LogEvent:105] - IP: […] - A non-proceed event occurred while processing the request: MessageReplay
Is it possible to disable the MessageReplay check for testing purpose? Didn’t find a solution for that in the documentation.
Thanks,
Waldemar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20171028/3171c503/attachment.html>
More information about the users
mailing list