Problem Cyberark PVWA as SP
Yakov Revyakin
yrevyakin at gmail.com
Fri Apr 19 12:41:30 EDT 2019
I need to configure SAML authentication for Cyberark PVWA.
I can see that PVWA makes the request
https://testidp.hideez.com/idp/profile/SAML2/POST/SSO?SAMLRequest
=fVHLboMwEPwV5Lt......................qBifgkZLmQrxE9GrvyKM%2fr%2fpOIX
and I am able to obtain source of it:
<samlp:AuthnRequest ID="_78d938cd-c771-4b6a-8978-2f686fdc4630"
Version="2.0" IssueInstant="2019-04-19T15:40:19Z"
ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
AssertionConsumerServiceURL="
https://components.cyberark.local/PasswordVault/api/auth/saml/logon"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
<saml:Issuer
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">Cyberark4Hide</saml:Issuer></samlp:AuthnRequest>
As result my IdP returns the massage about Stale Request.
Log contains:
2019-04-19 18:40:21,486 - 184.170.232.52 - ERROR
[org.opensaml.profile.action.impl.DecodeMessage:73] - Profile Action
DecodeMessage: Unable to decode incoming request
org.opensaml.messaging.decoder.MessageDecodingException: This message
decoder only supports the HTTP POST method
at
org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder.doDecode(HTTPPostDecoder.java:82)
What is a stupid mistake I have done. Help please!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20190419/0ebd8d51/attachment.html>
More information about the users
mailing list