Skip to main content

This content is closed to future replies and is no longer being maintained or updated.
Links may no longer function. If you have a similar request, please write a new post.

Question

 Arunkumar Velmurugan (Arunkum@r)
Areteans Technology Solutions
Associate Architect
Areteans Technology Solutions
GB
Arunkum@r Member since 2018 30 posts
Areteans Technology Solutions
Posted: Nov 18, 2019
Last activity: Dec 2, 2019
Posted: 18 Nov 2019 5:10 EST
Last activity: 2 Dec 2019 9:38 EST
Closed

How to trace SAML Activity

Hi All,

Whenever I log in through SSO Login page, I am getting following error message in the browser.

"Your account has been disabled, contact your system administrator"

So, How to trace SAML activity?

Could you please provide inputs?

Regards,

AK

To see attachments, please log in.
Low-Code App Development
Data Integration
Security
System Administration

  • Sree Saveen Dasari
Posted: 5 years ago
Posted: 19 Nov 2019 1:36 EST
Santhosh Bagannagari (bagas)
Pegasystems Inc.
Tech Lead, Security Engineering
Pegasystems Inc.
IN

Hi,

 

Are you trying to create new operator or using an existing Pega operator to login ? From the error message, it looks the operator record has been disabled. Can you check if Operator record is not disabled on Pega ?

For debugging SSO login process, you can enable logging for below classes and see.

com.pega.pegarules.integration.engine.internal.util.PRSAMLv2Utils 
com.pega.pegarules.integration.engine.internal.sso.saml.SAMLResponseHandler 
com.pega.pegarules.integration.engine.internal.sso.saml.SAMLRequestHandler 
com.pega.pegarules.integration.engine.internal.sso.AbstractSSOHandler 
com.pega.pegarules.integration.engine.internal.sso.saml.SAMLv2ACSHandler

Thanks,

Santhosh

To see attachments, please log in.
Posted: 5 years ago
Posted: 19 Nov 2019 4:32 EST
Arunkumar Velmurugan (Arunkum@r)
Areteans Technology Solutions
Associate Architect
Areteans Technology Solutions
GB

Hi Santosh,

I am trying to create a new operatorID. 
I have more than one node(8-10) in staging environment.

So if I enable logging in one node. How can I identify the exact node to check the log?

 

To see attachments, please log in.
Posted: 5 years ago
Posted: 19 Nov 2019 1:50 EST
Abhishek Goel (goela1) Technical Solutions Engineer
Pegasystems Inc.
IN

Hi,

You can also add SAML tracer in Chrome browser and capture the request URLs. Please find the attached snippet for more details.

Thank you,

Abhishek

To see attachments, please log in.
Posted: 5 years ago
Posted: 19 Nov 2019 4:44 EST
Arunkumar Velmurugan (Arunkum@r)
Areteans Technology Solutions
Associate Architect
Areteans Technology Solutions
GB

Hi Abhishek,

Thank you for the response. 

I have tried the SAML tracer but I am getting a success message in the tracer.
In the browser, I am getting the error message  
"Your account has been disabled, contact your system administrator"
 

To see attachments, please log in.
Posted: 5 years ago
Posted: 2 Dec 2019 9:38 EST
Rimjhim Srivastava (srivr1)
Pegasystems Inc.
Senior Technical Solutions Engineer
Pegasystems Inc.
IN

Hi,

You can either trace from the Admin studio and selecting the activity that you want to trace.

You can use SAML tracer and Fiddler tools to trace the SAML activity from the browser which you need to download based upon the browser you are using.

"Your account has been disabled, contact your system administrator"

The above error generally appears when you have logged the incorrect passwords for quite a number of times.

To see attachments, please log in.

We'd prefer it if you saw us at our best.

Pega Collaboration Center has detected you are using a browser which may prevent you from experiencing the site as intended. To improve your experience, please update your browser.

Close Deprecation Notice