Showing error while Azure AD with Mendix SAML

0
For Azure AD I am getting the below error, which is shown in the image. Please tell me the solution. I am using Mendix version 9.5.0 and my SAML version is v3.1.5. Before, for Azure AD with Mendix, I was using version 8.18.5 of Mendix and SAML version v2.1.8, and with that my Azure AD integration with Mendix was working properly. I am only getting the error in version 9.5.0.
asked
6 answers
1

First, set the log level of SAML_SSO to trace. That gives you more specific info about the error. And as a tip, use Firefox with the SAML tracer plugin. This way you can follow what is happening during the login.

Regards,

Ronald

 

answered
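What the SAML tracer shows during the login redirect can also be checked offline. The following is an added example, not part of the original thread or of the Mendix SAML module: it decodes the `SAMLRequest` parameter of an HTTP-Redirect binding URL and compares the request's AssertionConsumerServiceURL with the reply URL registered at the IdP. The hosts, the sample AuthnRequest and the function names are constructed for illustration.

```python
import base64
import urllib.parse
import xml.etree.ElementTree as ET
import zlib

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}

def encode_redirect(xml_text):
    """Raw DEFLATE, then base64, then URL-encode (HTTP-Redirect binding)."""
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    raw = comp.compress(xml_text.encode()) + comp.flush()
    return urllib.parse.quote(base64.b64encode(raw).decode(), safe="")

def inspect_redirect(url, expected_reply_url):
    """Decode the SAMLRequest in a redirect URL and check its ACS URL."""
    query = urllib.parse.parse_qs(urllib.parse.urlsplit(url).query)
    if "SAMLRequest" not in query:
        return {"error": "no SAMLRequest parameter in the redirect"}
    raw = base64.b64decode(query["SAMLRequest"][0])
    xml_bytes = zlib.decompress(raw, -15)  # -15 = raw DEFLATE, no zlib header
    if b"<!DOCTYPE" in xml_bytes:
        # SAML messages never need a DTD; refuse it before parsing.
        return {"error": "DTD present; refusing to parse"}
    root = ET.fromstring(xml_bytes)
    issuer = root.find("saml:Issuer", NS)
    acs = root.get("AssertionConsumerServiceURL")
    return {
        "issuer": issuer.text if issuer is not None else None,
        "destination": root.get("Destination"),
        "acs_url": acs,
        "acs_matches_reply_url": acs == expected_reply_url,
    }

# Constructed sample AuthnRequest; hosts and IDs are placeholders.
SAMPLE_REQUEST = (
    '<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" '
    'ID="_constructed1" Version="2.0" IssueInstant="2021-11-26T06:09:13Z" '
    'Destination="https://idp.example.test/saml2" '
    'AssertionConsumerServiceURL="https://app.example.test/acs">'
    '<saml:Issuer>https://app.example.test/</saml:Issuer>'
    '</samlp:AuthnRequest>'
)
SAMPLE_URL = ("https://idp.example.test/saml2?SAMLRequest="
              + encode_redirect(SAMPLE_REQUEST))

if __name__ == "__main__":
    print(inspect_redirect(SAMPLE_URL, "https://app.example.test/acs"))
```

A redirect that carries no `SAMLRequest` at all means the service provider never built an AuthnRequest, so the problem lies on the application side rather than at the IdP.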
0

Hi,

Ronald Catersels

I have added the add-on in Firefox.

I have got the below 2 errors:

=========================================================

GET https://azureadauth-sandbox.mxapps.io/SSO/ HTTP/1.1
Host: azureadauth-sandbox.mxapps.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 500 Internal Server Error
Server: nginx
Date: Thu, 25 Nov 2021 08:58:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Vcap-Request-Id: e73d1582-07c4-4359-5def-e5a454945994
Strict-Transport-Security: max-age=31536000
Permissions-Policy: interest-cohort=()

============================================================================================

=======================================================================================

GET https://azureadauth-sandbox.mxapps.io/styles/web/css/main.css HTTP/1.1
Host: azureadauth-sandbox.mxapps.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://azureadauth-sandbox.mxapps.io/SSO/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 25 Nov 2021 08:58:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Vcap-Request-Id: 08ee9973-d40a-4856-67a9-ede9a8ba4cce
Strict-Transport-Security: max-age=31536000
Permissions-Policy: interest-cohort=()
Content-Encoding: gzip

=================================================================================================

 

answered
0

Hi,

Ronald Catersels

The log is empty.

answered
0

Hi,

Ronald Catersels

Log:

================================================================================

  • 11:39:13 AMAPPINFOSAML_SSO: Processing request: /SSO/login
  • 11:39:13 AMAPPINFOSAMLRequest: null
  • 11:39:13 AMREQINFOazureadauth-sandbox.mxapps.io - [2021-11-26T06:09:13.646559518Z] "GET /SSO/login?_idp_id=azuread HTTP/1.1" 500 0 1749 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0" "10.10.11.11:57980" "10.10.64.27:61086" x_forwarded_for:"49.36.47.69, 10.10.11.11" x_forwarded_proto:"https" vcap_request_id:"88c3bc1f-ac58-4ac6-4df5-5b24bdf38382" response_time:0.011007 gorouter_time:0.000257 app_id:"81d13fae-0804-4d6b-94a4-b6ac860de2c9" app_index:"0" x_cf_routererror:"-" x_b3_traceid:"d1104d0b3b309284" x_b3_spanid:"d1104d0b3b309284" x_b3_parentspanid:"-" b3:"d1104d0b3b309284-d1104d0b3b309284"
  • 11:39:13 AMAPPINFOSAMLResponse: null
  • 11:39:13 AMAPPINFORelayState: null
  • 11:39:13 AMAPPERRORSAML_SSO: Unable to validate Response, see SAMLRequest overview for detailed response. Error: SAML hasn't been correctly initialize. Please restart the SAML handler.
  • 11:39:13 AMAPPERRORSAML_SSO: org.opensaml.saml.common.SAMLException: SAML hasn't been correctly initialize. Please restart the SAML handler.
  • 11:39:13 AMAPPINFOat saml20.implementation.LoginHandler.handleRequest(LoginHandler.java:39)
  • 11:39:13 AMAPPINFOat saml20.implementation.SAMLRequestHandler.processRequest(SAMLRequestHandler.java:165)
  • 11:39:13 AMAPPINFOat com.mendix.externalinterface.connector.RequestHandler.doProcessRequest(RequestHandler.java:35)
  • 11:39:13 AMAPPINFOat com.mendix.external.connector.MxRuntimeConnector.lambda$processRequest$0(MxRuntimeConnector.java:74)
  • 11:39:13 AMAPPINFOat com.mendix.util.classloading.Runner.withContextClassLoader(Runner.java:19)
  • 11:39:13 AMAPPINFOat com.mendix.external.connector.MxRuntimeConnector.processRequest(MxRuntimeConnector.java:73)
  • 11:39:13 AMAPPINFOat com.mendix.basis.impl.MxRuntimeImplBase.processRequest(MxRuntimeImplBase.java:831)
  • 11:39:13 AMAPPINFOat com.mendix.m2ee.appcontainer.server.handler.RuntimeServlet.service(RuntimeServlet.scala:25)
  • 11:39:13 AMAPPINFOat javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1626)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:228)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.server.Server.handle(Server.java:516)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:388)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:633)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:380)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:386)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)
  • 11:39:13 AMAPPINFOat org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)
  • 11:39:13 AMAPPINFOat java.base/java.lang.Thread.run(Unknown Source)
  • 11:39:15 AMREQINFOazureadauth-sandbox.mxapps.io - [2021-11-26T06:09:15.067397456Z] "GET /theme.compiled.css HTTP/1.1" 200 0 71697 "https://azureadauth-sandbox.mxapps.io/SSO/login?_idp_id=azuread" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0" "10.10.11.11:45254" "10.10.64.27:61086" x_forwarded_for:"49.36.47.69, 10.10.11.11" x_forwarded_proto:"https" vcap_request_id:"6aa3e916-52c1-420b-63ce-4336b53dbe5e" response_time:0.017713 gorouter_time:0.000327 app_id:"81d13fae-0804-4d6b-94a4-b6ac860de2c9" app_index:"0" x_cf_routererror:"-" x_b3_traceid:"fe12021529e1981d" x_b3_spanid:"fe12021529e1981d" x_b3_parentspanid:"-" b3:"fe12021529e1981d-fe12021529e1981d"
  • 11:39:15 AMREQINFOazureadauth-sandbox.mxapps.io - [2021-11-26T06:09:15.418697148Z] "GET /css/login.css HTTP/1.1" 200 0 625 "https://azureadauth-sandbox.mxapps.io/SSO/login?_idp_id=azuread" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0" "10.10.11.71:49106" "10.10.64.27:61086" x_forwarded_for:"49.36.47.69, 10.10.11.71" x_forwarded_proto:"https" vcap_request_id:"52feb5a2-8199-4ef5-4c3c-56b5795d9e06" response_time:0.005986 gorouter_time:0.000431 app_id:"81d13fae-0804-4d6b-94a4-b6ac860de2c9" app_index:"0" x_cf_routererror:"-" x_b3_traceid:"b0680ee0c42613a3" x_b3_spanid:"b0680ee0c42613a3" x_b3_parentspanid:"-" b3:"b0680ee0c42613a3-b0680ee0c42613a3"
  • 11:39:15 AMREQINFOazureadauth-sandbox.mxapps.io - [2021-11-26T06:09:15.846250127Z] "GET /favicon.ico HTTP/1.1" 200 0 1242 "https://azureadauth-sandbox.mxapps.io/SSO/login?_idp_id=azuread" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0" "10.10.11.11:45254" "10.10.64.27:61086" x_forwarded_for:"49.36.47.69, 10.10.11.11" x_forwarded_proto:"https" vcap_request_id:"3bda3ec1-5991-4ccd-4766-a5d3b1bf8e1e" response_time:0.001603 gorouter_time:0.000272 app_id:"81d13fae-0804-4d6b-94a4-b6ac860de2c9" app_index:"0" x_cf_routererror:"-" x_b3_traceid:"857d3238aa0c33d3" x_b3_spanid:"857d3238aa0c33d3" x_b3_parentspanid:"-" b3:"857d3238aa0c33d3-857d3238aa0c33d3"
  • 11:39:15 AMREQINFOazureadauth-sandbox.mxapps.io - [2021-11-26T06:09:15.857488025Z] "GET /css/images/mendix-logo.png HTTP/1.1" 200 0 1449 "https://azureadauth-sandbox.mxapps.io/css/login.css" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:94.0) Gecko/20100101 Firefox/94.0" "10.10.11.71:52622" "10.10.64.27:61086" x_forwarded_for:"49.36.47.69, 10.10.11.71" x_forwarded_proto:"https" vcap_request_id:"dc552a0b-4875-42de-583d-96a2e070e1bb" response_time:0.001588 gorouter_time:0.000330 app_id:"81d13fae-0804-4d6b-94a4-b6ac860de2c9" app_index:"0" x_cf_routererror:"-" x_b3_traceid:"f9e5dc978a8a3bcd" x_b3_spanid:"f9e5dc978a8a3bcd" x_b3_parentspanid:"-" b3:"f9e5dc978a8a3bcd-f9e5dc978a8a3bcd"

=========================================================================================

answered
0

Hello,

Ronald Catersels

 

I have added the startup microflow in Project settings > After startup and I tried again, but I am getting the same error again.

Please see the following log:

 

================================================================================================

  • 7:36:16 PMAPPINFOSAML_SSO: Processing request: /SSO/login
  • 7:36:16 PMAPPINFOSAMLRequest: null
  • 7:36:16 PMAPPINFOSAMLResponse: null
  • 7:36:16 PMAPPINFORelayState: null
  • 7:36:16 PMAPPERRORSAML_SSO: Unable to validate Response, see SAMLRequest overview for detailed response. Error: SAML hasn't been correctly initialize. Please restart the SAML handler.
  • 7:36:16 PMAPPERRORSAML_SSO: org.opensaml.saml.common.SAMLException: SAML hasn't been correctly initialize. Please restart the SAML handler.
  • 7:36:16 PMAPPINFOat saml20.implementation.LoginHandler.handleRequest(LoginHandler.java:39)
  • 7:36:16 PMAPPINFOat saml20.implementation.SAMLRequestHandler.processRequest(SAMLRequestHandler.java:165)
  • 7:36:16 PMAPPINFOat com.mendix.externalinterface.connector.RequestHandler.doProcessRequest(RequestHandler.java:35)
  • 7:36:16 PMAPPINFOat com.mendix.external.connector.MxRuntimeConnector.lambda$processRequest$0(MxRuntimeConnector.java:74)
  • 7:36:16 PMAPPINFOat com.mendix.util.classloading.Runner.withContextClassLoader(Runner.java:19)
  • 7:36:16 PMAPPINFOat com.mendix.external.connector.MxRuntimeConnector.processRequest(MxRuntimeConnector.java:73)
  • 7:36:16 PMAPPINFOat com.mendix.basis.impl.MxRuntimeImplBase.processRequest(MxRuntimeImplBase.java:831)
  • 7:36:16 PMAPPINFOat com.mendix.m2ee.appcontainer.server.handler.RuntimeServlet.service(RuntimeServlet.scala:25)
  • 7:36:16 PMAPPINFOat javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:799)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1626)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.websocket.server.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:228)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:193)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1601)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:548)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1624)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:233)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1434)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:188)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:501)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1594)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:186)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1349)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.server.Server.handle(Server.java:516)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:388)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:633)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:380)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:277)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:105)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.io.ChannelEndPoint$1.run(ChannelEndPoint.java:104)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.runTask(EatWhatYouKill.java:338)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.doProduce(EatWhatYouKill.java:315)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.tryProduce(EatWhatYouKill.java:173)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.util.thread.strategy.EatWhatYouKill.run(EatWhatYouKill.java:131)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:386)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:883)
  • 7:36:16 PMAPPINFOat org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1034)
  • 7:36:16 PMAPPINFOat java.base/java.lang.Thread.run(Unknown Source)

==============================================================================================

 

Also, I am using the reply URL https://azureadauth-sandbox.mxapps.io/SSO/login?_idp_id=azuread (azuread is the alias name which I have used in the IdP provider).

 

Please tell me where I am going wrong.

answered
0

Hi,

Ronald Catersels

Can you please tell me any other setting in AzureAD that might be the reason for this error?

Because I referred to the below URL and made the changes:

Add Azure AD SSO to your Mendix App | by Stella Davies | Mendix Community | Oct, 2021 | Medium | Mendix Community

answered