SAML module - Assertion Conditions are not met

0
Hi Everyone, Does anyone know this “Assertion Conditions are not met issue” for SAML? I can complete the SAML authentication, but the http://localhost:8080/SSO/assertion will be failed. Hope you can save my day :-D I’m using Mendix studio pro 9.20.0 and SAML 3.3.13 Unable to validate Response, see SAMLRequest overview for detailed response. Error: Assertion Conditions are not met. This Service Provider application is not part of the designated audience list. -------- org.opensaml.saml.common.assertion.AssertionValidationException: Assertion Conditions are not met. This Service Provider application is not part of the designated audience list. at saml20.implementation.wrapper.MxSAMLAssertionStrictValidator.validate(MxSAMLAssertionStrictValidator.java:81) at saml20.implementation.wrapper.MxSAMLAssertion.validateAssertion(MxSAMLAssertion.java:47) at saml20.implementation.ArtifactHandler.handleSAMLResponse(ArtifactHandler.java:101) at saml20.implementation.ArtifactHandler.handleRequest(ArtifactHandler.java:48) at saml20.implementation.SAMLRequestHandler.processRequest(SAMLRequestHandler.java:168) at com.mendix.externalinterface.connector.RequestHandler.doProcessRequest(RequestHandler.java:37) at com.mendix.external.connector.MxRuntimeConnector.$anonfun$processRequest$1(MxRuntimeConnector.scala:54) at com.mendix.external.connector.MxRuntimeConnector.$anonfun$processRequest$1$adapted(MxRuntimeConnector.scala:54) at com.mendix.util.classloading.Runner$.withContextClassLoader(Runner.scala:20) at com.mendix.external.connector.MxRuntimeConnector.processRequest(MxRuntimeConnector.scala:54) at com.mendix.basis.impl.MxRuntimeImpl.processRequest(MxRuntimeImpl.scala:221) at com.mendix.m2ee.appcontainer.server.handler.RuntimeServlet.service(RuntimeServlet.scala:40) at javax.servlet.http.HttpServlet.service(HttpServlet.java:750) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:764) at org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1665) at org.eclipse.jetty.websocket.servlet.WebSocketUpgradeFilter.doFilter(WebSocketUpgradeFilter.java:170) at org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202) at org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:527) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1571) at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1383) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:176) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:484) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1544) at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:174) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1305) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:129) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122) at org.eclipse.jetty.server.Server.handle(Server.java:563) at org.eclipse.jetty.server.HttpChannel.lambda$handle$0(HttpChannel.java:505) at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:762) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:497) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:282) at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:314) at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100) at org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53) at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:421) at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:390) at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:277) at org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.lambda$new$0(AdaptiveExecutionStrategy.java:139) at org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:411) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:933) at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1077) at java.base/java.lang.Thread.run(Thread.java:829)  
asked
2 answers
0

Hi,

 

SAML errors usually occur when there's missing or incorrect information entered during your SAML setup.

Obtain latest updated SAML assertion from your identity provider and see if that helps.

 

Regards,

Vaishali

answered
0

Do note that you never can use SSO when you are running locally. The SAML setup checks the URL of the source and destination. Since you are on localhost (so running locally) you get this error. SSO can only be done in your accp or production environments.

Regards,

Ronald

 

answered