problem with ADFS SSO after upgrading from 7.1.7 to 7.2.2
Hi,
We had configured SSO on our Pega 7.1.7 using ADFS and SAML2. (It had worked with two hotfixes.)
Recently we upgraded our PRPC from 7.1.7 to 7.2.2 and since then I see "Unable to process the SAML WebSSO request : The Response did not contain any Authentication Statement that matched the Subject Confirmation criteria" message on Pega page after trying to log in. The SAML request/response seems normal but those are encrypted.
These are the relevant rows from the Pega log:
Hi,
We had configured SSO on our Pega 7.1.7 using ADFS and SAML2. (It had worked with two hotfixes.)
Recently we upgraded our PRPC from 7.1.7 to 7.2.2 and since then I see "Unable to process the SAML WebSSO request : The Response did not contain any Authentication Statement that matched the Subject Confirmation criteria" message on Pega page after trying to log in. The SAML request/response seems normal but those are encrypted.
These are the relevant rows from the Pega log:
2017-09-11 16:22:04,543 [ http- Proprietary information hidden:8543-3] [ ] [ ] (pega.TRACE.requestor_lifecycle) DEBUG pppegadev.hu.cre.insim.biz| Proprietary information hidden - Requestor A89A1FEB10AA1950BFC2585C9F5956394 is reserved by current thread
2017-09-11 16:22:04,552 [ http- Proprietary information hidden:8543-3] [ ] [ ] (pega.TRACE.requestor_lifecycle) DEBUG pppegadev.hu.cre.insim.biz| Proprietary information hidden - A89A1FEB10AA1950BFC2585C9F5956394 is added to memory map
2017-09-11 16:22:04,557 [ http- Proprietary information hidden:8543-3] [ STANDARD] [ ] (pega.TRACE.requestor_lifecycle) DEBUG pppegadev.hu.cre.insim.biz| Proprietary information hidden - doWithRequestorLocked(); Requestor: A89A1FEB10AA1950BFC2585C9F5956394; Lock released
2017-09-11 16:22:04,563 [ http- Proprietary information hidden:8543-3] [ STANDARD] [ ] (pega.TRACE.requestor_lifecycle) DEBUG pppegadev.hu.cre.insim.biz| Proprietary information hidden - doWithRequestorLocked(); Requestor: A89A1FEB10AA1950BFC2585C9F5956394; Lock released
2017-09-11 16:22:04,591 [ http- Proprietary information hidden:8543-3] [ STANDARD] [ ] (pega.TRACE.requestor_lifecycle) DEBUG pppegadev.hu.cre.insim.biz| Proprietary information hidden|Rest|WebSSO|SAML|AssertionConsumerService - doWithRequestorLocked(); Requestor: A89A1FEB10AA1950BFC2585C9F5956394; Lock released
2017-09-11 16:22:04,596 [ http- Proprietary information hidden:8543-3] [ STANDARD] [ ] (pega.TRACE.requestor_lifecycle) DEBUG pppegadev.hu.cre.insim.biz| Proprietary information hidden|Rest|WebSSO|SAML|AssertionConsumerService - doWithRequestorLocked(); Requestor: A89A1FEB10AA1950BFC2585C9F5956394; Lock released
2017-09-11 16:22:04,621 [ http- Proprietary information hidden:8543-3] [ STANDARD] [ ] (pega.TRACE.requestor_lifecycle) DEBUG pppegadev.hu.cre.insim.biz| Proprietary information hidden|Rest|WebSSO|SAML|AssertionConsumerService - doWithRequestorLocked(); Requestor: A89A1FEB10AA1950BFC2585C9F5956394; Lock released
2017-09-11 16:22:04,627 [ http- Proprietary information hidden:8543-3] [ STANDARD] [ ] (pega.TRACE.requestor_lifecycle) DEBUG pppegadev.hu.cre.insim.biz| Proprietary information hidden|Rest|WebSSO|SAML|AssertionConsumerService - doWithRequestorLocked(); Requestor: A89A1FEB10AA1950BFC2585C9F5956394; Lock released
2017-09-11 16:22:04,633 [ http- Proprietary information hidden:8543-3] [ STANDARD] [ ] (pega.TRACE.requestor_lifecycle) DEBUG pppegadev.hu.cre.insim.biz| Proprietary information hidden|Rest|WebSSO|SAML|AssertionConsumerService - New Requestor A89A1FEB10AA1950BFC2585C9F5956394 is created
2017-09-11 16:22:04,658 [ http- Proprietary information hidden:8543-3] [ STANDARD] [ PegaRULES:07.10] (Admin_Security_SSO_SAML.Action) ERROR pppegadev.hu.cre.insim.biz| Proprietary information hidden|Rest|WebSSO|SAML|AssertionConsumerService|A89A1FEB10AA1950BFC2585C9F5956394 - Error while executing the Assertion Consumer Service activity : The Response did not contain any Authentication Statement that matched the Subject Confirmation criteria
Any suggestions, please?
Regards,
Tamas
***Updated by moderator: Lochan to add SR details***
**Moderation Team has archived post**
This post has been archived for educational purposes. Contents and links will no longer be updated. If you have the same/similar question, please write a new post.