SAP Knowledge Base Article - Preview

3740997 - SAML request is sent by the service provider, but no response is returned to the service provider.

Symptom

Service Provider has sent the authentication request to the Trusted Provider, but logon does not happen.

Example of Outgoing AuthnRequest in a SAML trace 2960670:

SAML20 SP (client *): Outgoing AuthnRequest
SAML20 Binding:          REDIR
SAML20 Signed:           True
SAML20 IdP Name:         *****
SAML20 Destination:      ******
SAML20 <samlp:AuthnRequest ID="*********-****-****-****-************"
SAML20                     Version="2.0"
SAML20                     IssueInstant="******"
SAML20                     Destination="IDP"
SAML20                     ForceAuthn="false"
SAML20                     IsPassive="false"
SAML20                     xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
SAML20   <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
SAML20   *****</saml:Issuer>
SAML20   <samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
SAML20                       AllowCreate="true" />
SAML20 </samlp:AuthnRequest>

Example of the beginning of a SAML response:

SAML20 SP (client *): Incoming Response
SAML20 Binding:          POST


Read more...

Environment

  • SAP NetWeaver Application Server Java
  • SAP NetWeaver Application Server
  • ABAP Platform
  • SAP S/4HANA

Product

ABAP platform all versions ; SAP NetWeaver all versions ; SAP S/4HANA all versions

Keywords

saml2, sso, acs endpoint, no saml response, idp, sp, assertion, smicm trace, security diagnostic tool, sec_diag_tool, Outgoing AuthnRequest, Incoming Response , KBA , BC-SEC-LGN-SML , SAML 2.0 for ABAP , Problem

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.