Error 403 forbidden with SSO SAML 2.0 when deploying two Analytics ear files
(Doc ID 1991070.1)
Last updated on MARCH 08, 2017
Applies to:Business Intelligence Server Enterprise Edition - Version 18.104.22.168.141014 and later
Information in this document applies to any platform.
Customer had configured the environment with SSO (ADFS + SAML 2.0) according this document:
When logging in to Analytics encountered the following error:
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:
10.4.4 403 Forbidden
It appeared as though server understood the request, but is refusing to fulfill it. This status code is commonly used when the server does not wish to reveal exactly why the request has been refused, or when no other response is applicable.
Customer had also followed OBIEE 11g "Error 403--Forbidden" Accessing OBIEE Through SAML SSO(Doc ID 1928807.1)
Checking the logs for BI servers and ADFS servers and following errors were noticed:
1. On ADFS servers site Error ID 364:
Encountered error during federation passive request.
Microsoft.IdentityServer.Web.InvalidRequestException: MSIS7042: The same client browser session has made '6' requests in the last '2' seconds. Contact your administrator for details.
at Microsoft.IdentityServer.Web.FederationPassiveAuthentication.SendSignInResponse(MSISSignInResponse response)
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document
|This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.|