cancel
Showing results for 
Search instead for 
Did you mean: 

F5 BIG-IP APM with SAML on simplesamlphp

kpoadips
Nimbostratus
Nimbostratus

I have configured the F5 BIG-IP for SAML authentication. My IDP is simplesamlphp. I have configured SAML SP Provider and External IDP connector and connected it to Virtual Server. On simplesamlphp I added an application by importing xml metadata from BIG-IP. Communication works, authentication passes, but finally BIG-IP reports to me on Virtual Server:

Access was denied by the access policy. This may be due to a failure to meet access policy requirements.

In the apm log I have the information:

/ Common / SAML_ACCESS_POLICY: Common: ff7ec2b7: SAML Agent: / Common / SAML_ACCESS_POLICY_act_saml_auth_ag failed to parse assertion, error: Response is not encrypted

I cannot log in to F5 BIG-IP APM.

2 REPLIES 2

SanjayP
MVP
MVP

Please check if SAML encryption is enabled. It would expect to send the SAML assertion to be encrypted.

boneyard
MVP
MVP

did the answer from SanjayP solve it for you kpoadips?