Attribute Statement Missing from SAML Response Spring

Question

I am having two issues with Spring SAML, I am a newbie to it but trying to use my common sense to resolve the issue.

We have two separate applications that share an external SSO provided as SAAS. Users normally come in from the main portal which then directs them to OpenAM for authentication. Once they are there they logon and get a cookie. They then click on a link which takes them to another application that validates the session information. Now the interesting part; sometimes it will fail by not providing the saml:AttributeStatement in the SAML response. To make it more weird, it would fail on some applications randomly and work on other; meaning the cookie has the information but some how the IDP does not process the information when the cookie is received but creates the response.

Any suggestion would really help as we need to go live with the solution.

Thanks in advance.

Either you use SAML or leverage OpenAM's SSO session cookie ... SAML is the standards based way to achieve Web SSO. Using OpenAM's SSO tracking is the proprietary way to achieve Web SSO. Please clarify! — Bernhard Thalmayr, Jan 23 '16 at 09:58
I am not sure what we are using, is there a way I can find out? — user2365885, Jan 23 '16 at 23:56
look at an HTTP trace when accessing the applications and check SAML tech overview to get a brief understanding on how SAML works — Bernhard Thalmayr, Jan 25 '16 at 08:07
Thank Bernhard. I will look into this and post more findings. — user2365885, Jan 25 '16 at 15:18

Attribute Statement Missing from SAML Response Spring

0 Answers0