Error Processing Authnrequest. Null Input
J2EE Policy agent on Glassfish v3.1.1 Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] thanks. I did exactly that. The log told me that I didnt have a directory server configured and running. I expected it to be configured out of the box with the default configuration. On Mar 5, 2012, at 4:53 PM, "Mark de Reeper"
Mailing List Use Advanced Search to search the entire archive. Re: Fedlet initiated Single Sign Error » Back to List Archive Chronological | Threaded https://lists.forgerock.org/pipermail/openam/2012-March/025704.html « Previous Message Next » « Previous Thread Next » From: Emily Xu
MegaMatt joined #openam 02:49 MegaMatt joined #openam 05:16 GLHMarmot joined #openam 06:21 metadaddy|lunch joined #openam 07:27 hos001 joined #openam 08:35 kala joined #openam 09:10 aldaris joined #openam 11:02 aldaris https://irclog.perlgeek.de/openam/2014-02-18 joined #openam 12:52 aldaris joined #openam 13:03 rghose joined #openam 13:04 rghose is it possible to add an existing OpenAM deployment to a load balancer configuration? 13:05 rghose I found a thread but that was way back in 2009. currently how can this be done 13:08 MegaMatt http://openam.forgerock.org/openam-documentation/openam-doc-source/doc/install-guide/index.html#chap-session-failover 13:14 fatbloke joined #openam 13:20 rghose pardon my ignorance but what is meant by SFO btw? 13:21 kala session fail over 13:21 error processing rghose haha thanks 13:23 dean Hey guys, this is an OpenSSO issue but thought you might be able to help. When I try to create an idp initiated saml request I get "Error processing AuthnRequest. Null input." Looking in the debug logs I see this: AuthenticatedSharedAgents.isMember():userDN is null or invalid IdType aaronexample.comIdType :IdType: user 13:23 dean Any idea why it seems to care if my users is an AuthenticatedSharedAgent? 13:25 asyd error processing authnrequest. dean: do just just to be sure, you provide an authnrequest? 13:26 dean No, but I shouldn't have to if it's IdP initiated right? 13:27 asyd how you initiate it? 13:27 dean I hit this url: /opensso/idpssoinit?metaAlias=/idp&spEntityID=EntityID&binding=HTTP-POST with a valid authToken cookie. 13:28 dean Which works fine in our five other environments but seems to be failing in this one. I'm guessing there's some piece of configuration we missed somewhere. 13:28 aldaris joined #openam 13:33 aldaris dean, the null input is because either the SAML assertion, the signing private key or the assertion's ID is null 13:33 aldaris usually it's the signing key missing 13:33 rghose I am trying to install 2 instances of OpenAM on the same box, one of them runs as user a and the other as b. So is it necessary for them to share the same configuration directory? (as given https://wikis.forgerock.org/confluence/display/openam/5+Extending+to+a+Dual+Instance+Deployment) 13:33 dean Cheers, I'll check that aldaris. 13:44 fatbloke joined #openam 13:44 rghose I get this: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token. Check AMConfig.properties for the following properties com.sun.identity.agents.app.username com.iplanet.am.service.password, refer to install.log under /home/openam/openam for more information. 13:44 aldaris WebSphere? 13:44 rghose um no, tomcat 13:44 rghose I use 2 instances of tomcat 13:45 aldaris have you provided the