iOS Word -> Sharepoint -> ADFS -> Shibboleth

Waldemar Rosenfeld waldemar.rosenfeld at
Sat Oct 28 07:29:32 EDT 2017


I already managed to setup an environment with Sharepoint -> ADFS -> Shibboleth and Authentication against AD with Kerberos and PasswordAuth. Works well so far.
Now we have some issues with mobile apps. Access to Sharepoint with a mobile browser like safari, chrome or firefox isn't a problem. Access with some mobile apps is problematic. The biggest issue that I am facing now are the Microsoft Office apps like Word for iOS. If I try to connect with those apps to Sharepoint, the redirect to ADFS a Sharepoint works, but after that, I get the following error in the log files:

2017-10-28 12:50:10,396 - WARN [] - IP:[…] - Message Handler:  Replay detected of message 'id-1bd8c0d8-2fd1-48d6-a263-3c3f9bc22eb9' from issuer 'http://url/adfs/services/trust'
2017-10-28 12:50:10,401 - WARN [net.shibboleth.idp.profile.impl.WebFlowMessageHandlerAdaptor:202] - IP: […] - Profile Action WebFlowMessageHandlerAdaptor: Exception handling message
org.opensaml.messaging.handler.MessageHandlerException: Rejecting replayed message ID 'id-1bd8c0d8-2fd1-48d6-a263-3c3f9bc22eb9' from issuer http://url/adfs/services/trust
2017-10-28 12:50:10,418 - WARN [org.opensaml.profile.action.impl.LogEvent:105] - IP: […] - A non-proceed event occurred while processing the request: MessageReplay

Is it possible to disable the MessageReplay check for testing purpose? Didn’t find a solution for that in the documentation.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list