RelayStateID - Password is wrong
We are getting exceptions while performing SSO using SAML2.0. We tried to reproduce this while performing SSO for an individual user but did not see any exceptions.
Also, in the load test, all the users used as test data had valid passwords and accounts in our IDP server.
Below are the 2 types of exceptions we are getting:
1)
2019-10-31 11:03:09,887 [jp-nio-30009-exec-11] [ STANDARD] [ ] [ PegaRULES:07.10] (uthorization.KeystoreEntryData) ERROR <URL>|<IPAddress>|RelayStateID: 23c4c3e7-0bf9-4f3a-bc6c-18e23aa0639c :RelayStateID - Password is wrong
2)
2019-10-31 11:03:16,568 [ajp-nio-30009-exec-4] [ STANDARD] [ ] [ PegaRULES:07.10] ( internal.util.PRSAMLv2Utils) ERROR <URL>|<IPAddress>|Rest|WebSSO|SAML|v2_assertionconsumerservice27d966ed6057ae45375fdfa98b29416f|A0JP7ZQ2U6MAZTUMOVHBFLCZO8U9LYPFJ|RelayStateID:e89cce7c-19b9-4fd8-8678-97308e3cfcef:RelayStateID - Caught Exception while validating SAML2 Authentication response for SSO profile : Request Id doesnt match Inresponse to field of SAML assertion,Possibility of a security breach.
Please provide reasons if any of you have faced a similar exception or are aware of what might be the root cause for these exceptions.
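
A log-triage sketch for the two error lines quoted above, added here as an example and not part of the original post or of the product's own code: it parses the posted log format, extracts each RelayStateID, and reports whether any ID shows up under both error types in a load-test log. The function names and category labels are assumptions chosen for this example.

```python
import re
from collections import Counter, defaultdict

# The two log lines from the post, with <URL> and <IPAddress> kept as posted.
SAMPLE_LOG = """\
2019-10-31 11:03:09,887 [jp-nio-30009-exec-11] [ STANDARD] [ ] [ PegaRULES:07.10] (uthorization.KeystoreEntryData) ERROR <URL>|<IPAddress>|RelayStateID: 23c4c3e7-0bf9-4f3a-bc6c-18e23aa0639c :RelayStateID - Password is wrong
2019-10-31 11:03:16,568 [ajp-nio-30009-exec-4] [ STANDARD] [ ] [ PegaRULES:07.10] ( internal.util.PRSAMLv2Utils) ERROR <URL>|<IPAddress>|Rest|WebSSO|SAML|v2_assertionconsumerservice27d966ed6057ae45375fdfa98b29416f|A0JP7ZQ2U6MAZTUMOVHBFLCZO8U9LYPFJ|RelayStateID:e89cce7c-19b9-4fd8-8678-97308e3cfcef:RelayStateID - Caught Exception while validating SAML2 Authentication response for SSO profile : Request Id doesnt match Inresponse to field of SAML assertion,Possibility of a security breach.
"""

# timestamp, [thread], ..., (logger) ERROR rest-of-line
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2},\d{3}) "
    r"\[(?P<thread>[^\]]+)\].*?"
    r"\(\s*(?P<logger>[^)]+?)\s*\) ERROR (?P<rest>.*)$"
)
RELAY_RE = re.compile(
    r"RelayStateID:\s*(?P<id>[0-9a-f]{8}(?:-[0-9a-f]{4}){3}-[0-9a-f]{12})"
)

def categorize(message):
    """Label an error by its message text (labels are this example's own)."""
    text = message.lower()
    if "password is wrong" in text:
        return "password_is_wrong"
    if "inresponse to" in text:
        return "inresponseto_mismatch"
    return "other"

def parse_line(line):
    """Return a dict for one ERROR line, or None if the line does not match."""
    m = LINE_RE.match(line)
    if not m:
        return None
    relay = RELAY_RE.search(m["rest"])
    message = m["rest"].rsplit("RelayStateID - ", 1)[-1].strip()
    return {"ts": m["ts"], "thread": m["thread"], "logger": m["logger"],
            "relay_state_id": relay["id"] if relay else None,
            "category": categorize(message), "message": message}

def triage(log_text):
    """Count errors per category and list RelayStateIDs seen in more than one."""
    events = [e for e in map(parse_line, log_text.splitlines()) if e]
    counts = Counter(e["category"] for e in events)
    by_relay = defaultdict(set)
    for e in events:
        if e["relay_state_id"]:
            by_relay[e["relay_state_id"]].add(e["category"])
    shared = sorted(r for r, cats in by_relay.items() if len(cats) > 1)
    return events, counts, shared
```

Run over a full load-test log, the `shared` list shows whether the two error types hit the same SSO transaction; for the two lines posted here they carry different RelayStateIDs.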
