I have been struggling to get SAML SSO working with Mendix. Following the documentation and setting everything up, the app initiates the SSO request but I get this error in the Mendix Service Console:

Log levels are set to trace, and nothing else relevant appears to be getting logged. I see the response coming across with the relevant info, but something is causing it to fail:

I should note that this is from external traffic, so it's possible that it's an issue with the IIS configuration (no idea what the issue there would be). When I try accessing it internally, I get different logs and no response object is ever created, also meaning that no errors are logged. In both cases I am presented with just a blank white screen, so Mendix is failing to handle the request in both cases.

Digging through the Java code for the SAML module, I can't seem to locate where exactly it's failing to validate the response. The error log provides no info, and the exception that is getting logged is being generated from inside this block of code:

Yet nowhere in any of the called methods inside this block can I locate the referenced error, which leaves me with essentially no info as to why it's failing.

I know this is a long shot since obviously it's difficult to troubleshoot with seeing ALL of the configurations on both the Mendix App, SAML configuration, IIS Server and the IdP, but hoping maybe someone has some pointers or better resources than the Mendix docs. The fact that SAML module throws NPE is almost laughable that they aren't checking for null values and logging what value is null... that's pretty basic error checking logic for an app to have.
And you could use a plugin for your browser called SAML tracer. That also might give you more information on why it is failing.
Regards,
Ronald
answered
Ronald Catersels
0
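The fields a browser tool such as SAML tracer exposes can also be checked offline. The following is an added example, not code from this thread or from the Mendix SAML module: it decodes a captured HTTP-POST `SAMLResponse` value and lists which commonly expected fields are absent, since an absent field is a likely source of an unguarded null on the receiving side. The field list, host names and sample response are constructed assumptions, and the script does not verify signatures.

```python
import base64
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

# (label, path relative to <samlp:Response>, attribute name or None for element text)
CHECKS = [
    ("Response/@Destination", ".", "Destination"),
    ("Response/@InResponseTo", ".", "InResponseTo"),
    ("Issuer", "saml:Issuer", None),
    ("StatusCode/@Value", "samlp:Status/samlp:StatusCode", "Value"),
    ("Assertion NameID", "saml:Assertion/saml:Subject/saml:NameID", None),
    ("Conditions/@NotOnOrAfter", "saml:Assertion/saml:Conditions", "NotOnOrAfter"),
    ("Audience", "saml:Assertion/saml:Conditions/saml:AudienceRestriction/saml:Audience", None),
]

# Constructed sample (not from the thread): no InResponseTo and no Subject/NameID.
SAMPLE_XML = (
    '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
    'Destination="https://app.example.test/acs">'
    '<saml:Issuer>https://idp.example.test</saml:Issuer>'
    '<samlp:Status><samlp:StatusCode '
    'Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>'
    '<saml:Assertion><saml:Conditions NotOnOrAfter="2030-01-01T00:00:00Z">'
    '<saml:AudienceRestriction><saml:Audience>https://app.example.test</saml:Audience>'
    '</saml:AudienceRestriction></saml:Conditions></saml:Assertion></samlp:Response>'
)
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode())

def inspect_saml_response(b64_response):
    # Returns {label: value or None}; None means the field is absent or empty.
    root = ET.fromstring(base64.b64decode(b64_response))
    report = {}
    for label, path, attr in CHECKS:
        node = root if path == "." else root.find(path, NS)
        if node is None:
            report[label] = None
        elif attr:
            report[label] = node.get(attr)
        else:
            report[label] = (node.text or "").strip() or None
    return report

def missing_fields(report):
    return [label for label, value in report.items() if value is None]

if __name__ == "__main__":
    print("Missing:", missing_fields(inspect_saml_response(SAMPLE_B64)))
```

If the IdP encrypts assertions, every assertion-level field will show as missing here because the content sits inside `EncryptedAssertion`.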
Hi Alex, in the app settings, is the after setup field set to "SAML20.Startup"? My app was also showing a blank page and it would send a request, but it didn't get any responses. It worked after I changed the after setup field to the SAML startup page.
answered
Christina K
0
We eventually got things working, after a lot of trial and error. The SAML module needs to have some better error handling to make it easier to troubleshoot. Since all we got was an NPE with no stack trace or other relevant information, we just had to guess and check many different configurations.