2483445 - Received HTTP request does not have specified charset encoding - BASE64 SAML2 Assertion

Symptom

AS Java is configured as Identity Provider(IDP) in a SAML2 configuration. Service Provider(SP) is a third party and SSO is SP initiated. IDP receives a SAML assertion from SP and returns the following in troubleshooting wizard traces(tshw) and authentication fails:

Received HTTP request does not have specified charset encoding. Identity Provider will specify "UTF-8" as character encoding.

The tshw traces also show the following:

a complete relay state:

RelayState=aHR0cHM6Ly90YXRhdW5pc55555UueW9ueXguY29tL3kvY29udmVyc2F0aW9uLz9pZD0xOGRmMGM0%0D%0AMC0zOWVlLTExZTctOTUxZS1iYzc2NGUxMGMxOWQ%3D%0D%0A

then:

Received HTTP request does not have specified charset encoding. Identity Provider will specify "UTF-8" as character encoding.

and a broken relay state after this:

RelayState:aHR0cHM6Ly90YXRhdW5pc3RvcmUueW9ueXguY29tL3kvY29udmVyc2F0aW9uLz9pZD0xOGRmMGM0
<BR>MC0zOWVlLTExZTctOTUxZS1iYzc2NGUxMGMxOWQ=
<BR>

the above can be seen clearer in a browser saml tracer add on which shows the relay state been broken into two lines(<BR> tags) because of the enforced encoding from the IDP.

Environment

SAP NetWeaver 7.3
SAP enhancement package 1 for SAP NetWeaver 7.3
SAP NetWeaver 7.4
SAP NetWeaver 7.5

Product

SAP NetWeaver 7.3 ; SAP NetWeaver 7.4 ; SAP NetWeaver 7.5 ; SAP enhancement package 1 for SAP NetWeaver 7.3

Keywords

KBA , BC-JAS-SEC-SML , JAVA SAML 1.1 and 2.0 , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.