[IdP Mobile] IDP Mobile

[IdP Mobile] IDP Mobile

  
Forge Component
(2)
Published on 3 Dec (13 days ago) by leonardo.fernandes
2 votes
Published on 3 Dec (13 days ago) by leonardo.fernandes

Hi I am trying to get the IDP Mobile application to work since it uses the IDP application when the mobile app performs the InAppBrowserEvent it does something similar to what others have experienced with the IDP Application. Specifically SAML goes to idp/sso.aspx, then redirects to Home.aspx and eventually goes to /customhandler/notfound.aspx. The SAML logs that I see contain


MobileFalse
ValidTrue

Why would the mobile be false if I was using the IDPMobileDemoApp


Regards


Hi Lee,

Please provide more info. 

Suraj Borade wrote:

Hi Lee,

Please provide more info. 

Hi Suraj, 

Thanks for your response I played with the settings in the IDP Connector Configuration Screen. When i switched on Generate SAML Request (optional) on it seems to work. I am now faced with a new issue where when I log out I receive a UNABLE TO PROCESS SAML REQUEST. The logs show the attached


Regards




Hi Lee,

Based on your attach SAML.PNG you do not yet configure the IdP connector properly to handle Logout requests.

The IdP connector fails the generate the request since it seems that you do not have configured the "IdPConnector (SP) Keystore". It's required for Logout process. 

Also have in mind that you need to provide the public X509 certificate (of the public key/keystore above) to your IdP SSO server administrator to configure on IdP SSO server, in order to SAML Logout process work properly.


Regards

Thanks Telmo, 


I am using one login so not sure if it has a keystore. So if I leave the logout fields blank (which I have) I still get the same response


Regards

Hi Lee,

But you can login right?

To SAML Single-Logout process initiated by IdP Connector (which was the error above), the IdP connector owner is the responsible to generate/build a keystore (ie, with a public/private RSA keys). You can do that in 2min with openssl tool for a self.signed certificate).

Then you need to extract the certificate from the keystore (check openssl comands how to do that) and upload it on one login administration page for single logout process.


Regards,