Last Modified: Oct 21, 2020
See more info
Known Affected Versions:
14.1.0, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 14.1.2, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206, 15.0.0, 15.0.1, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 15.1.0, 188.8.131.52, 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 15.1.1, 16.0.0, 126.96.36.199
Opened: Oct 17, 2019
When the BIG-IP system is configured as a SAML IdP and processes an SAML Authentication Request, if it does not find the appropriate SAML SP connector, it does not log relevant information such as the Issuer, ACS _URL, and Protocol binding from the Authentication request.
Troubleshooting the issue and fixing the SAML configuration is difficult since there is no relevant information in the error log.
This occurs when a BIG-IP system is configured as a SAML IdP and processes a SAML Authentication request, but does not find an appropriate SP configuration that matches the information provided in the SAML Authentication request.
Enable the log level for SSO to 'Debug', and capture the logs at the debug level to troubleshoot further.