Forum Discussion

raZorTT's avatar
raZorTT
Icon for Cirrostratus rankCirrostratus
Feb 25, 2014

Thanks for the responses guys.

 

We are using Fiddler Web Debugger and according to what it captures the SAMLResponse appears to be valid.

 

I upped the log level to debug and tried to connect again. I've attached some entries from the logs.

 

Are there any examples or tools from F5 that I could use to validate the SAML response? I have used https://rnd.feide.no/simplesaml/module.php/saml2debug/debug.php and its able to be decoded and encoded fine.

 

Cheers

 

apd[6215]: 01490006:6: 37be1ed8: Following rule 'fallback' from item 'Start' to item 'SAML Auth'

 

apd[6215]: 01490000:7: ./AccessPolicyProcessor/Session.h func: "getSessionVar()" line: 303 Msg: variable "session.server.landinguri" was not found in the local cache for session "37be1ed8"

 

apd[6215]: 01490000:7: ./AccessPolicyProcessor/Session.h func: "getSessionVar()" line: 310 Msg: try to get it from MEMCACHED

 

apd[6215]: 01490000:7: memcache.c func: "mc_convert_session_var_to_mc_key()" line: 1160 Msg: Converted Var: session.server.landinguri to Session Var tmm.session.37be1ed8.session.server.landinguri

 

apd[6215]: 01490000:7: ./AccessPolicyProcessor/Session.h func: "getSessionVar()" line: 342 Msg: variable found, lets add it to the local cache "session.server.landinguri"="/saml/sp/profile/post/acs"(length=25)

 

apd[6215]: 01490000:7: modules/Authentication/Saml/SamlSPAgent.cpp func: "executeInstance()" line: 650 Msg: Matched idp connector name: /Common/DSS_ADFS_IdP

 

apd[6215]: 01490000:7: modules/Authentication/Saml/SamlSPAgent.cpp func: "executeInstance()" line: 654 Msg: Doing SAML IdP Initiated Auth: /saml/sp/profile/post/acs

 

apd[6215]: 01490000:7: ./AccessPolicyProcessor/Session.h func: "getSessionVar()" line: 303 Msg: variable "session.server.initial_req_body" was not found in the local cache for session "37be1ed8"

 

apd[6215]: 01490000:7: ./AccessPolicyProcessor/Session.h func: "getSessionVar()" line: 310 Msg: try to get it from MEMCACHED

 

apd[6215]: 01490000:7: memcache.c func: "mc_convert_session_var_to_mc_key()" line: 1160 Msg: Converted Var: session.server.initial_req_body to Session Var tmm.session.37be1ed8.session.server.initial_req_body

 

apd[6215]: 01490000:7: ./AccessPolicyProcessor/Session.h func: "getSessionVar()" line: 342 Msg: variable found, lets add it to the local cache "session.server.initial_req_body"=""(length=0)

 

apd[6215]: 01490192:3: 37be1ed8: SAML Agent: /Common/DSSAC_Access_Profile_act_saml_auth_ag cannot find assertion information in SAML request

 

apd[6215]: 01490004:6: 37be1ed8: Executed agent '/Common/DSSAC_Access_Profile_act_saml_auth_ag', return value 0

 

apd[6215]: 01490000:7: ./AccessPolicyProcessor/SessionState.h func: "clearTempSessionAgentState()" line: 84 Msg: Agent did not initiated the scheduled agent

 

apd[6215]: 01490000:7: AccessPolicyProcessor/AccessPolicy.cpp func: "execute()" line: 290 Msg: Let's evaluate rules, total number of rules for this action=2

 

apd[6215]: 01490000:7: AccessPolicyProcessor/AccessPolicy.cpp func: "execute()" line: 296 Msg: Rule to evaluate = "expr {[mcget {session.saml.last.result}] == 1}"

 

apd[6215]: 01490000:7: AccessPolicyProcessor/AccessPolicy.cpp func: "execute()" line: 296 Msg: Rule to evaluate = ""

 

apd[6215]: 01490005:5: 37be1ed8: Following rule 'fallback' from item 'SAML Auth' to ending 'Deny'