EM 13.5: SAML SSO Login Fails with Error 500--Internal Server Error, [Security:096552]Illegal destination: https://<OMS_HOST_NAME>:<OMS_PORT>/saml2/sp/acs/post of assertion response.
(Doc ID 3008361.1)
Last updated on MAY 10, 2024
Applies to:
Enterprise Manager Base Platform - Version 13.5.0.0.0 and laterInformation in this document applies to any platform.
Symptoms
Follow SAML integration document Note: 2882744.1
After providing SSO credentials, EM Console login results below error:
Error 500--Internal Server Error
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.5.1 500 Internal Server Error
The server encountered an unexpected condition which prevented it from fulfilling the request.
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.5.1 500 Internal Server Error
The server encountered an unexpected condition which prevented it from fulfilling the request.
Enable the Weblogic DEBUG as per: Note 2969213.1
<gc_inst>/user_projects/domains/GCDomain/servers/EMGC_OMS1/logs/EMGC_OMS1.out
<Mar 1, 2024 1:58:47,650 AM PST> <Debug> <SecuritySAML2Service> <BEA-000000> <[Security:096552]Illegal destination: https://omshost.domain.com:<OMS_PORT>/saml2/sp/acs/post of assertion response.>
<Mar 1, 2024 1:58:47,651 AM PST> <Debug> <SecuritySAML2Service> <BEA-000000> <exception info
org.opensaml.saml.common.SAMLException: [Security:096552]Illegal destination: https://omshost.domain.com:<OMS_PORT>/saml2/sp/acs/post of assertion response.
at com.bea.security.saml2.service.acs.AssertionConsumerServiceImpl$ResponseValidator.validateDestination(AssertionConsumerServiceImpl.java:364)
at com.bea.security.saml2.service.acs.AssertionConsumerServiceImpl$ResponseValidator.validate(AssertionConsumerServiceImpl.java:348)
at com.bea.security.saml2.service.acs.AssertionConsumerServiceImpl.verifyAttrAndEle(AssertionConsumerServiceImpl.java:313)
at com.bea.security.saml2.service.acs.AssertionConsumerServiceImpl.process(AssertionConsumerServiceImpl.java:127)
at com.bea.security.saml2.cssservice.SAML2ServiceImpl.process(SAML2ServiceImpl.java:144)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
<Mar 1, 2024 1:58:47,651 AM PST> <Debug> <SecuritySAML2Service> <BEA-000000> <exception info
org.opensaml.saml.common.SAMLException: [Security:096552]Illegal destination: https://omshost.domain.com:<OMS_PORT>/saml2/sp/acs/post of assertion response.
at com.bea.security.saml2.service.acs.AssertionConsumerServiceImpl$ResponseValidator.validateDestination(AssertionConsumerServiceImpl.java:364)
at com.bea.security.saml2.service.acs.AssertionConsumerServiceImpl$ResponseValidator.validate(AssertionConsumerServiceImpl.java:348)
at com.bea.security.saml2.service.acs.AssertionConsumerServiceImpl.verifyAttrAndEle(AssertionConsumerServiceImpl.java:313)
at com.bea.security.saml2.service.acs.AssertionConsumerServiceImpl.process(AssertionConsumerServiceImpl.java:127)
at com.bea.security.saml2.cssservice.SAML2ServiceImpl.process(SAML2ServiceImpl.java:144)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Cause |
| Solution |
| References |