Symptom
AS Java is configured as Identity Provider(IDP) in a SAML2 configuration. Service Provider(SP) is a third party and SSO is SP initiated. IDP receives a SAML assertion from SP and returns the following in troubleshooting wizard traces(tshw) and authentication fails:
Received HTTP request does not have specified charset encoding. Identity Provider will specify "UTF-8" as character encoding.
The tshw traces also show the following:
a complete relay state:
RelayState=aHR0cHM6Ly90YXRhdW5pc55555UueW9ueXguY29tL3kvY29udmVyc2F0aW9uLz9pZD0xOGRmMGM0%0D%0AMC0zOWVlLTExZTctOTUxZS1iYzc2NGUxMGMxOWQ%3D%0D%0A
then:
Received HTTP request does not have specified charset encoding. Identity Provider will specify "UTF-8" as character encoding.
and a broken relay state after this:
RelayState:aHR0cHM6Ly90YXRhdW5pc3RvcmUueW9ueXguY29tL3kvY29udmVyc2F0aW9uLz9pZD0xOGRmMGM0
<BR>MC0zOWVlLTExZTctOTUxZS1iYzc2NGUxMGMxOWQ=
<BR>
the above can be seen clearer in a browser saml tracer add on which shows the relay state been broken into two lines(<BR> tags) because of the enforced encoding from the IDP.
Read more...
Environment
SAP NetWeaver 7.3
SAP enhancement package 1 for SAP NetWeaver 7.3
SAP NetWeaver 7.4
SAP NetWeaver 7.5
Product
Keywords
KBA , BC-JAS-SEC-SML , JAVA SAML 1.1 and 2.0 , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.