Was this article helpful?
I got that. I did some tests. 1 SP => VS + policy: Saml Auth (idp) => variable assign (saml attribute to username) => sso kerberos 1 Idp => VS+ Policy: logon page => Allow. This ends in a saml/idp/profile/redirectorpost/sso error page. I added a saml ressource and this ends in a policy deny page. I understand the saml ressource is required but I don't see the link between the saml ressource and my web app. I didn't configure a portal or a webtop. I expect the redirect to my webapp after the saml auth (dp) step. I have already used apm as idp with adfs without issues. I do use apm with sun ldap to ms kerberos without issues. I guess I'm missing the saml ressource config/role here. I'll have to dig a little deeper in the config manual.