Tenable.sc help
Darren Boss
darren.boss at computecanada.ca
Thu Jun 24 14:48:37 UTC 2021
Has anyone done an integration with Tenable.sc?
We are struggling to get this working for almost a week now and have
tried many things based on documentation for other SAML IdPs.
We have the Tenable SP in RP configuration with p:encryptAssertions="false" and
p:nameIDFormatPrecedence="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified".
In
In saml-nameid.xml I have this defined:
<bean parent="shibboleth.SAML2AttributeSourcedGenerator"
p:omitQualifiers="true"
p:format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
p:attributeSourceIds="#{ {'eduPersonPrincipalName'} }" />
They make it sound like they can read the username from an attribute
but we have also found documentation that disputes that. This would be
the first SP I've had to configure an unspecified nameid for.
We ran into many issues along the way that we were able to solve but
now no matter what we do we see:
181: Error while checking for early login.
SAML user not found.URL: rest/system [GET]
The co-worker I'm helping has provisioned a SAML user for himself
using eppn as the username. I've also configured another test SP which
is in the same RP group (encryption off, nameid unspecified) so I
could make sure I know I got the nameid configuration doing what I
think it should be doing.
--
Darren Boss
Senior Programmer/Analyst
Programmeur-analyste principal
darren.boss at computecanada.ca
More information about the users
mailing list