Knowledge Base

Support Policies

Error: Failed to receive authentication request by HTTP redirect

SecureAuth IDP Version Affected: All

Description: 

When using SP initiated by POST with redirect, the workflow gets redirected (using IIS IP Address restrictions and an error 403 redirect) the original SP POST info is being lost and the error “failed to receive authentication request by HTTP POST” is presented.

Resolution:

 

Create a URL Rewrite IP Restriction Rule to Configure IIS 403 Error ReDirect between SAML Realms for temporary (307) when creating the URL rewrite rule.

Cause:

SP Initiated by POST means that the application sends an initial SAML request to SecureAuth over a POST. SP Initiated means that the application sends that request to SecureAuth in the URL (you can see it in your browser URL bar).
When using POST, the IIS 403 error page is not robust enough to preserve the POST data from one realm to the other. Therefore, the redirect will occur, but the POST data is dropped.
If you would like to preserve that POST data from one realm to another, you must use URL Rewrite module for IIS and set the redirect method to "307 (Temporary)".

Reference: https://docs.secureauth.com/display/KBA/URL+Rewrite+-+IP+Restrictions

 

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.