Hi Karl,
I have reproduced your issue in my environment:
What I am seeing is that WebLogic is not able to fix the user session (JSESSIONID), so it sends the authentication request again. Actually, in my case, it performs 5-6 retries. If you take a look at the ADFS2 log you will see an exception like this: "The same client browser has made 6 request in the last 4 seconds..." At the end the IdP sends you a SAMLResponse with the status urn:oasis:names:tc:SAML:2.0:status:Responder. WebLogic "translates" that message into a 403 Forbidden Error.
    <session-descriptor>
      <cookie-name>HELLO_WORLD_SSO</cookie-name>
    </session-descriptor>
Maybe you could feed that cookie, PSDev2-0-PORTAL-PSJSESSIONID, by yourself, i.e. implementing a filter:
    // .../...
    HttpServletResponse httpServletResponse = (HttpServletResponse) response;
    // .../...
    httpServletResponse.addCookie(new Cookie("PSDev2-0-PORTAL-PSJSESSIONID", yourValue));
    // .../...
Hope it helps,
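An added example, not part of the original reply: when WebLogic answers 403 after the redirect loop, decoding the SAMLResponse posted by the IdP shows whether its status is the Responder code mentioned above. The function name, the sample message and the DTD check are assumptions of this sketch.

```python
import base64
import xml.etree.ElementTree as ET

SAMLP = "urn:oasis:names:tc:SAML:2.0:protocol"
STATUS_PREFIX = "urn:oasis:names:tc:SAML:2.0:status:"


def saml_status(b64_response: str) -> dict:
    """Decode an HTTP-POST binding SAMLResponse and return its status chain.

    Diagnostic only: the signature is not verified, so the result must
    never be used for an authentication decision.
    """
    xml = base64.b64decode(b64_response, validate=True)
    # SAML messages never need a DTD; refuse one rather than parse entities.
    if b"<!DOCTYPE" in xml or b"<!ENTITY" in xml:
        raise ValueError("DTD found in SAML message")
    root = ET.fromstring(xml)
    if root.tag != f"{{{SAMLP}}}Response":
        raise ValueError("not a samlp:Response")
    status = root.find(f"{{{SAMLP}}}Status")
    if status is None:
        raise ValueError("Response has no Status element")
    codes = []
    node = status.find(f"{{{SAMLP}}}StatusCode")
    while node is not None:  # StatusCode nests: top-level code, then sub-codes
        codes.append(node.get("Value", ""))
        node = node.find(f"{{{SAMLP}}}StatusCode")
    if not codes:
        raise ValueError("Status has no StatusCode")
    return {
        "codes": codes,
        "message": status.findtext(f"{{{SAMLP}}}StatusMessage"),
        "success": codes[0] == STATUS_PREFIX + "Success",
        # Responder: the IdP itself failed to process the request.
        "idp_side_error": codes[0] == STATUS_PREFIX + "Responder",
    }


# Constructed sample (not captured traffic): a Response with Responder status.
SAMPLE = base64.b64encode(
    b'<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    b'ID="_constructed" Version="2.0" IssueInstant="2000-01-01T00:00:00Z">'
    b'<samlp:Status><samlp:StatusCode '
    b'Value="urn:oasis:names:tc:SAML:2.0:status:Responder"/></samlp:Status>'
    b'</samlp:Response>'
).decode()

if __name__ == "__main__":
    print(saml_status(SAMPLE))
```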
Thank you for your suggestion. We had also opened an SR regarding the same issue and even offered to pay for development. Since we had to get on with our SSO implementation, we ended up using IIS as a proxy, since the integration with ADFS was trivial.
Thanks again for the reply.
Perhaps someone can help me determine the correct path.
If we have PeopleSoft 9.1 (PT 8.52) on WebLogic and we enable WebLogic for SAML, will the PeopleSoft Application accept the SAML Assertion?
Sorry, I am much more of a SAML guy than a PeopleSoft person, and the PeopleSoft Group we are working with does not seem to know about SAML.
Any help or links that may be helpful would be appreciated.