Environment
Novell Access Management 3 Linux Novell Identity Server
Novell Access Manager 3 Support Pack 3 applied
Novell Identity server active as SAML2 Identity server
SAML2 Service Provider is 3rd party software
Situation
Working with a 3rd party SAML2 Service Provider that does not publish its metadata. Manually created the metadata on our SAML2 identity server for that remote SP.
Added the entityID, profile info, and the following AssertionConsumerService to the SPSSODescriptor section:
AssertionConsumerService
Binding = urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact
Location = https://idp2.fubar.com:8443/nidp/saml2/spassertion_consumer
index = 0
When we access the intersite transfer URL, we would get an immediate error on the browser.
The catalina.out file would report the "No endpoint defined for AuthnResponse" error.
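Hand-written SP metadata such as the descriptor described above can be checked for structural completeness before it is loaded on the identity server. The following is an added example, not Novell code and not the fix referred to under Resolution; the function name `check_sp_metadata` is hypothetical and the entityID in the sample is a placeholder, since the article does not give one.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
SAML2_PROTOCOL = "urn:oasis:names:tc:SAML:2.0:protocol"

# Constructed sample: ACS values are those in this article; the entityID is a placeholder.
SAMPLE_METADATA = """<md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    entityID="https://sp.example.invalid/PLACEHOLDER">
  <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:AssertionConsumerService
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
        Location="https://idp2.fubar.com:8443/nidp/saml2/spassertion_consumer"
        index="0"/>
  </md:SPSSODescriptor>
</md:EntityDescriptor>"""


def check_sp_metadata(xml_text):
    """Return (endpoints, problems) for a hand-written SAML2 SP metadata document."""
    root = ET.fromstring(xml_text)
    problems, endpoints = [], []
    if root.tag != f"{{{MD}}}EntityDescriptor" or not root.get("entityID"):
        problems.append("root must be md:EntityDescriptor with an entityID")
    sp = root.find(f"{{{MD}}}SPSSODescriptor")
    if sp is None:
        return endpoints, problems + ["no SPSSODescriptor"]
    if SAML2_PROTOCOL not in (sp.get("protocolSupportEnumeration") or "").split():
        problems.append("protocolSupportEnumeration lacks the SAML 2.0 protocol URI")
    seen = set()
    for acs in sp.findall(f"{{{MD}}}AssertionConsumerService"):
        binding, loc, idx = acs.get("Binding"), acs.get("Location"), acs.get("index")
        if not (binding and loc and idx is not None):
            problems.append("AssertionConsumerService needs Binding, Location and index")
            continue
        if not idx.isdigit():
            problems.append(f"index {idx!r} is not a non-negative integer")
        if idx in seen:
            problems.append(f"duplicate AssertionConsumerService index {idx}")
        seen.add(idx)
        if not loc.lower().startswith("https://"):
            problems.append(f"Location {loc} is not HTTPS")
        endpoints.append((binding.rsplit(":", 1)[-1], loc, idx))
    if not endpoints:
        problems.append("no usable AssertionConsumerService endpoint")
    return endpoints, problems


if __name__ == "__main__":
    print(check_sp_metadata(SAMPLE_METADATA))
```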
Resolution
This has been resolved in both NAM 3.0 SP4 and NAM 3.1.
Change Log
Moved the original resolution to the Internal Notes in case it's needed again in the future. It's been confirmed by a few customers that this is fixed in both NAM 3.0 SP4 and NAM 3.1.