Symptom
You have configured SAML in your environment and this is not functioning as expected, in the detailed security traces we can see the below error occuring at the SAML2LoginModule
LOGIN.FAILED
User: N/A
IP Address: xx.xxx.xx.xxx
Authentication Stack: sap.com/tc~lm~itsam~ui~mainframe~wd*webdynpro_resources_sap.com_tc~lm~itsam~ui~mainframe~wd
Authentication Stack Properties:
policy_domain = /webdynpro/resources/sap.com/tc~lm~itsam~ui~mainframe~wd
realm_name = Upload Protected Area
Login Module Flag Initialize Login Commit Abort Details
1. com.sap.security.core.server.jaas.EvaluateTicketLoginModule SUFFICIENT ok false true
2. com.sap.security.saml2.sp.SAML2LoginModule OPTIONAL ok exception true Trusted IdP configuration is disabled: ACTIVEDIRECTORY.COM
3. com.sap.security.core.server.jaas.CreateTicketLoginModule SUFFICIENT ok false true
4. com.sap.engine.services.security.server.jaas.BasicPasswordLoginModule REQUISITE ok false false
5. com.sap.security.core.server.jaas.CreateTicketLoginModule REQUISITE ok false true
No logon policy was applied
Read more...
Environment
Release Independent
SAP NetWeaver
Product
Keywords
Trusted IdP configuration is disabled, Enable IDP, IDP not trusted, SAML 2.0, Identity Provider, Service Provider , KBA , BC-JAS-SEC-SML , JAVA SAML 1.1 and 2.0 , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.