04/03/2023 03:26 PM - last edited on 04/03/2023 03:59 PM by Dave
I am also facing the same issue or error as this post when I try to do SSO to our dev Saviynt env. Below are the configuration parameters that I have configured in the authconfig file. I am still getting the same error as in the screenshot above on this thread. We are using version 23.1. Please correct me if I am missing any specific configuration in EIC. I see you are talking about the keystore file path, but it was not an OOTB key in 23.1. Do I need to add that key and keystore file path by any chance?
grails.plugin.springsecurity.saml.active=true
grails.plugin.springsecurity.saml.logouturl='https://XXXXXXXXXXX.saviyntcloud.com/logout'
grails.plugin.springsecurity.saml.metadata.sp.file = 'AzureAD-SaviyntDev-SP-SSO_sp.xml'
grails.plugin.springsecurity.saml.metadata.defaultIdp='https://sts.windows.net/XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX/'
grails.plugin.springsecurity.saml.metadata.providers = [AzureADIDP: 'AzureAD-SaviyntDev-IDP-SSO_idp.xml']
grails.plugin.springsecurity.saml.keyManager.storePass = 'XXXXXXXX'
grails.plugin.springsecurity.saml.keyManager.passwords = [ spsigned: 'XXXXXXX' ]
grails.plugin.springsecurity.saml.keyManager.defaultKey = 'spsigned'
grails.plugin.springsecurity.saml.metadata.sp.defaults = [
    securityProfile: 'metaiop',
    local: true,
    alias: 'SAVIYNT_DEV',
    signingKey: 'spsigned',
    encryptionKey: 'spsigned',
    tlsKey: 'spsigned',
    requireArtifactResolveSigned: false,
    requireLogoutRequestSigned: false,
    requireLogoutResponseSigned: false,
    idpDiscoveryEnabled: true]
Error details are in the screenshot below.
[This post has been edited by a Moderator to move it to its own thread.]
04/05/2023 10:44 AM
We have identified the issue: the IDP cert in the keystore was not matching when compared with the IDP metadata imported in the Saviynt env. Also, the keystore file path key needs to be added manually to the authconfig file to make SSO work.
grails.plugin.springsecurity.saml.keyManager.storeFile= 'file:/saviynt_shared/security/SAML/sp.keystore'
grails.plugin.springsecurity.saml.metadata.sp.defaults.alias = 'IDP Entity ID value'
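
The certificate mismatch described in the reply above can be checked by comparing SHA-256 fingerprints of the certificate in the IdP metadata and the one held in the keystore. This is an added example, not part of the original thread or Saviynt's own code; it assumes the keystore entry has been exported to PEM (for instance with `keytool -exportcert -rfc`), and the metadata and certificate bytes below are constructed placeholders rather than real certificates.

```python
import base64, hashlib, re
import xml.etree.ElementTree as ET

MD = "{urn:oasis:names:tc:SAML:2.0:metadata}"
DS = "{http://www.w3.org/2000/09/xmldsig#}"

def der_fingerprint(b64_text):
    """SHA-256 of the DER bytes behind a base64 certificate body."""
    der = base64.b64decode(re.sub(r"\s+", "", b64_text))
    return hashlib.sha256(der).hexdigest()

def metadata_fingerprints(idp_xml):
    """Fingerprints of every signing certificate in the IdP metadata."""
    found = set()
    for kd in ET.fromstring(idp_xml).iter(MD + "KeyDescriptor"):
        if kd.get("use", "signing") == "signing":  # no "use" means signing too
            for cert in kd.iter(DS + "X509Certificate"):
                found.add(der_fingerprint(cert.text or ""))
    return found

def pem_fingerprint(pem):
    """Fingerprint of one PEM certificate exported from the keystore."""
    m = re.search(r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", pem, re.S)
    if m is None:
        raise ValueError("no PEM certificate found")
    return der_fingerprint(m.group(1))

def keystore_matches_metadata(pem, idp_xml):
    """True when the keystore certificate is one the IdP metadata advertises."""
    return pem_fingerprint(pem) in metadata_fingerprints(idp_xml)

# Constructed sample data: placeholder bytes, not real X.509 certificates.
CURRENT = base64.b64encode(b"constructed-idp-cert-current").decode()
STALE = base64.b64encode(b"constructed-idp-cert-stale").decode()
SAMPLE_IDP_XML = f"""<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.example/">
<IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<KeyDescriptor use="signing"><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"><X509Data><X509Certificate>
{CURRENT}
</X509Certificate></X509Data></KeyInfo></KeyDescriptor></IDPSSODescriptor></EntityDescriptor>"""

def as_pem(b64_body):
    return f"-----BEGIN CERTIFICATE-----\n{b64_body}\n-----END CERTIFICATE-----\n"

if __name__ == "__main__":
    print("current cert matches:", keystore_matches_metadata(as_pem(CURRENT), SAMPLE_IDP_XML))
    print("stale cert matches:  ", keystore_matches_metadata(as_pem(STALE), SAMPLE_IDP_XML))
```

A `False` result for the keystore's IdP entry means the keystore still holds a certificate the imported metadata no longer advertises, which is the condition reported in this thread.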