/support/notes/service/sap_logo.png){kind=logo}
SAP Knowledge Base Article - PreviewSymptom
Identity Authentication (IAS) is acting as a proxy with AD FS. After authentication to an application, it fails with the error HTTP Status 500.
Meanwhile, in the Troubleshooting log, ALL of the below errors can be seen:
- Authentication error.The authentication process did not set an authenticated principal in the current thread.
- state=failed, action=login, objectType=user, cause=authenticationStepFailure, category=audit.authentication, credentialType="{TRUSTED_IDP_SAML_ASSERTION=rejected}
- SAML2Assertion does not specify Subject NameID.com.sap.security.saml2.sp.sso.exception.BadCredentialsException: SAML2Assertion does not specify Subject NameID.
Note: This topic fails to consulting category. Microsoft is responsible to do this configuration. However, this KBA provides some hints to troubleshoot and solve this issue.
Read more...
Environment
- Identity Authentication
- Microsoft Active Directory Federation Services (AD FS)
Product
Identity Authentication 1.0
Keywords
ADFS, AD FS, Endpoint, Subject NameID , KBA , BC-IAM-IDS , Identity Authentication Service , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.