Consumer Not Authenticating When Accessing Assertion Retrieval Service

Configuration Guides › Federation Security Services Guide › Troubleshooting › SAML 1.x-Only Issues › Consumer Not Authenticating When Accessing Assertion Retrieval Service

Consumer Not Authenticating When Accessing Assertion Retrieval Service

Symptom:

In an environment using SAML 1.x artifact single sign-on, the consumer fails authentication when trying to access the Assertion Retrieval Service at the producer.

Solution:

Depends upon the configured authentication:

If Basic authentication is configured to protect the Assertion Retrieval Service, verify that the Name and Password values in the Affiliate configuration match the Affiliate Name and Password values configured for the SAML Artifact authentication scheme.
If client certificate authentication is configured to protect the Assertion Retrieval Service, verify that the client certificate of the consumer is valid and that it is present in the AM.keystore database of the consumer. Additionally, verify that the certificate of the Certificate Authority that issued the client certificate is present in the web server key database at the producer.

Email CA Technologies about this topic