For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

kunjan's avatar
kunjan
Icon for Nimbostratus rankNimbostratus
Jun 09, 2014

The SP reject with invalid user should be due to the XML parse error as '&' it is not XML encoded as 

'&'
in the SAML response

In the AuthReponse, the 'Destination' and 'Recipient' the values got to be

https://s1.ariba.com/Buyer/Main/ad/samlAuth/SSOActions?awr=1&realm=HHMI-T

I think if you try to XML format the SAML response now coming from APM you might get the same error http://www.freeformatter.com/xml-formatter.html

Now, I guess you can try to fix it at the source. Since this is SP initiated SAML, modify the ACS at SP and correspondingly modify the APM SP connector with 

&
But I'm not too sure SP will have issue with 
&
in the URL when APM POST back.