[keycloak-user] SAML parsing error

Hynek Mlnarik hmlnarik at redhat.com
Tue Apr 25 02:30:56 EDT 2017


Can you please share the SAML document? AuthnStatements are handled by
Keycloak, this seems rather an issue with the format of the SAML
document.

Thanks

--Hynek

On Mon, Apr 24, 2017 at 4:12 PM, Anders KK
<anders.kabell.kristensen at systematic.com> wrote:
> Hi,
>
> We have setup Keycloak as an identity broker with a SAML IdP. Keycloak
> recieves a SAML response from the IdP and we can decrypt this response by
> hand and it looks like we expect.
>
> When the browser hits our SAML endpoint
> (https://[domain]/auth/realms/[realm]/[client]/[IdP alias]/endpoint) we get
> an exception:
> org.keycloak.broker.provider.IdentityBrokerException: Could not process
> response from SAML identity provider.
>
> The log shows this error: PL00062: Parser : Unknown
> tag:AuthnStatement::location=[row,col {unknown-source}]: [1,9341]
>
> It seems that Keycloak do not know the tag AuthnStatement even though this
> is part of the SAML 2.0 standard?
> Are we missing something here?
>
> Kind regards,
> Ulrik and Anders
>
>
>
>
> --
> View this message in context: http://keycloak-user.88327.x6.nabble.com/SAML-parsing-error-tp3667.html
> Sent from the keycloak-user mailing list archive at Nabble.com.
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user



-- 

--Hynek


More information about the keycloak-user mailing list