SAP Knowledge Base Article - Preview

2347564 - Could not extract SAML2 message from request

Symptom

In the case where the AS Java is the Service provider and it sends a request to an Identity provider, the response from the IDP cannot be parsed with errors:

Service Provider could not extract SAML2 message from request.
[EXCEPTION]
java.lang.SecurityException: com.sap.security.saml2.lib.common.SAML2Exception: SAML parsing failed.

Caused by: com.sap.security.saml2.lib.common.SAML2Exception: Failed to unmarshal the string: <samlp:Response Version="2.0" ID=".....

Caused by: javax.xml.bind.UnmarshalException
 - with linked exception:
[org.xml.sax.SAXParseException: The end-tag for element type "<name>:<value>" must end with a '>' delimiter.]


Read more...

Environment

SAP NetWeaver 7.3
SAP enhancement package 1 for SAP NetWeaver 7.3
SAP NetWeaver 7.4
SAP NetWeaver 7.5

Product

SAP NetWeaver 7.3 ; SAP NetWeaver 7.4 ; SAP NetWeaver 7.5 ; SAP enhancement package 1 for SAP NetWeaver 7.3

Keywords

assertion, sso, single-sign-on, login.failed, artifact , KBA , BC-JAS-SEC-SML , JAVA SAML 1.1 and 2.0 , BC-JAS-SEC-LGN , Logon, SSO , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.