Error 403 forbidden with SSO SAML 2.0 when deploying two Analytics ear files
Last updated on MARCH 08, 2017
Applies to:Business Intelligence Server Enterprise Edition - Version 126.96.36.199.141014 and later
Information in this document applies to any platform.
Customer had configured the environment with SSO (ADFS + SAML 2.0) according this document:
When logging in to Analytics encountered the following error:
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.4 403 Forbidden
It appeared as though server understood the request, but is refusing to fulfill it. This status code is commonly used when the server does not wish to reveal exactly why the request has been refused, or when no other response is applicable.
Customer had also followed OBIEE 11g "Error 403--Forbidden" Accessing OBIEE Through SAML SSO(Doc ID 1928807.1)
Checking the logs for BI servers and ADFS servers and following errors were noticed:
1. On ADFS servers site Error ID 364:
Encountered error during federation passive request.
Microsoft.IdentityServer.Web.InvalidRequestException: MSIS7042: The same client browser session has made '6' requests in the last '2' seconds. Contact your administrator for details.
at Microsoft.IdentityServer.Web.FederationPassiveAuthentication.SendSignInResponse(MSISSignInResponse response)
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms