Hello, happy new year mate.
Thanks for sharing some content here.
The version of the Sonarqube here is:
SonarQube ID information
Server ID: 499F1673-AVlbTUgAcfdcF0zs0eox
Follow some log details that I’ve got:
ID="ONELOGIN_ccd2812a-a041-4e2f-a19e-ec339427d9d1" Version="2.0" IssueInstant="2023-01-03T09:51:15Z"
<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" AllowCreate="true" />
[c.o.saml2.Auth]AuthNRequest sent to https://portal.sso.eu-west-1.amazonaws.com/saml/assertion/[REDACTED] --> fZJRb9MwEMe/SuR3J3GSCmq1lcoyI[REDACTED]
The access log
10.5.153.121 - - [03/Jan/2023:09:51:55 +0000] "GET /sessions/init/saml?return_to=%2F HTTP/1.1" **302** - "https://MYCOMPANY.awsapps.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:108.0) Gecko/20100101 Firefox/108.0" "AYVNr7QhVLM8++vpC0kP"
I was apprehensive about the information of SAML, unspecified thing so I changed it on the AWS SSO application panel, but the behavior continues
mleszczynski (I can’t mention you because I am new here) Thanks for it, and yes, my server base URL is equal to the ACS URL and others places. I heard in another searching moment about the HTTP Header forward that ALB was missing (or not doing) to the IDP and the assert doesn’t match, but I don’t know if it’s the case, I don’t have much log information, all I have is above here.
I tried the AWS support to get the error of the AWS SSO side, but as I said, they did not have many logs from the Third part apps.
After I posted here, I found some gold on the log:
2023.01.03 10:18:38 ERROR web[AYVNr7QhVLM8++vpC0/S][c.o.saml2.Auth] processResponse error.SAML Response not found, Only supported HTTP_POST Binding
2023.01.03 10:18:38 WARN web[AYVNr7QhVLM8++vpC0/S][o.s.s.a.AuthenticationError] Fail to callback authentication with 'saml'
Caused by: com.onelogin.saml2.exception.Error: SAML Response not found, Only supported HTTP_POST Binding