SAML consumer VAM missing cookie and Looping

Follow

Version Affected:  All

Description:  

SAML Consumer is looping back to the IdP and then back to the SAML consumer instead of logging in to the App. 

SAML tracer does show a cookie being created but it disappears straight away.

Cause:  SAML consumer creates the cookie based on what is in the Assertion. 

Most browsers can only handle a cookie size of up to 4096 bytes so although we consume the assertion and create the cookie, the browser dumps it. 

Resolution:  

The SAML Consumer VAM will consumer the entire assertion. 

Liaise with the IdP team so that they send fewer attributes in their SAML assertion. This will reduce the size of the cookie and solve the issue.  

 

SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.

Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.