10:44 p.m.
ERROR [org.keycloak.services.resources.IdentityBrokerService] (default
task-25) invalidRequestMessage
We are configuring the Single sign on for the application deployed on the
Wildfly instance by having keycloak , external IDP , SAML 2.0 standards
.Below is the flow .
There was an error at the flow while we are trying this flow . PFA It has
pictorial representation of the flow .
Wildfly app or servlet container -> (SP) SAML request to IdP -> Keycloak ->
(identify Okta IdP... may or may not need a username) -> (SP SAML Request
to Okta) -> Okta IdP (May or may not need user to login depends on if they
have an active okta session or not) -> IdP SAML Response -> Keycloak -> IdP
SAML Response Wildfly app / servlet container
5:10 a.m.
Hi Vandana,
Excellent diagram! However I'm afraid we'll need some additional info:
- as for you, from which transaction depicted in the diagram did the
error arise?
- there should have been a stack trace after "invalidRequestMessage",
could you please share it?
- what was the SAML payload of the request that lead to an error? You
can obtain it from F12 -> Network in your browser (but don't forget to
scrub any sensitive data)
Cheers,
Dmitry Telegin
CTO, Acutus s.r.o.
Keycloak Consulting and Training
Pod lipami street 339/52, 130 00 Prague 3, Czech Republic
+42 (022) 888-30-71
E-mail: info(a)acutus.pro
On Fri, 2018-07-20 at 15:44 -0500, vandana thota wrote:
ERROR [org.keycloak.services.resources.IdentityBrokerService]
(default
task-25) invalidRequestMessage
We are configuring the Single sign on for the application deployed on
the
Wildfly instance by having keycloak , external IDP , SAML 2.0
standards
.Below is the flow .
There was an error at the flow while we are trying this flow . PFA It
has
pictorial representation of the flow .
Wildfly app or servlet container -> (SP) SAML request to IdP ->
Keycloak ->
(identify Okta IdP... may or may not need a username) -> (SP SAML
Request
to Okta) -> Okta IdP (May or may not need user to login depends on if
they
have an active okta session or not) -> IdP SAML Response -> Keycloak
-> IdP
SAML Response Wildfly app / servlet container
_______________________________________________
keycloak-user mailing list
keycloak-user(a)lists.jboss.org
https://lists.jboss.org/mailman/listinfo/keycloak-user
2097
days inactive
2100
days old
1 comments
2 participants
participants (2)
-
Dmitry Telegin -
vandana thota