Symptom
- Trying to login in CMC/ BI Launchpad with SAML Authentication fails.
- Error "Http Status 500-Internal Server Error" after being redirected by Identity Provider (IdP) when using SAML to login.
- The following errors can be seen in Spring SAML logs:
- DEBUG BaseSAMLMessageDecoder:191 - Checking SAML message intended destination endpoint against receiver endpoint
- DEBUG BaseSAMLMessageDecoder:210 - Intended message destination endpoint: https://<LoadBalancer/Proxy_URL>/BOE/saml/SSO
- DEBUG BaseSAMLMessageDecoder:211 - Actual message receiver endpoint: https://<BI_SERVER>:<BI_PORT>/BOE/saml/SSO
- ERROR BaseSAMLMessageDecoder:215 - SAML message intended destination endpoint 'https://<LoadBalancer/Proxy_URL>/BOE/saml/SSO' did not match the recipient endpoint 'https://<BI_SERVER>:<BI_PORT>/BOE/saml/SSO'
- DEBUG SAMLProcessingFilter:104 - Incoming SAML message is invalid
org.opensaml.xml.security.SecurityException: SAML message intended destination endpoint did not match recipient endpoint
Read more...
Environment
- SAP BusinessObjects Business Intelligence Platform 4.x
- Load Balancer/ Reverse Proxy
Product
SAP BusinessObjects Business Intelligence platform all versions
Keywords
SAML, spring, login, BI Launchpad, redirect, Authentication, Azure, stderr.log, stdout.log, har, fail, LB, RP, Load Balancer, RProxy, HTTP 500, Identity Provider, Internal Server Error, Security Context , KBA , BI-BIP-AUT , Authentication, ActiveDirectory, LDAP, SSO, Vintela , Problem
About this page
This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).Search for additional results
Visit SAP Support Portal's SAP Notes and KBA Search.