SAML unable to process IDP response due to extra ? Question Mark Characters (Doc ID 2058198.1)

Last updated on NOVEMBER 05, 2016

Applies to:

Oracle WebLogic Server - Version 10.3.6 and later
Information in this document applies to any platform.

Symptoms

OBIEE has been set up to integrated with WebLogic Server SAML 2.0.
After following the standard BI setup for this, the authentication fails.

The normal OBIEE note is:   OBIEE 11g: Configuring Oracle Business Intelligence Enterprise Edition to act as a SAML 2.0 Service Provider for SSO (Doc ID 1350125.1)
This refers to this document: https://blogs.oracle.com/pa/resource/ADFS_Idp_SAML_2.0_Web_SSO_Implementation_for_OBIEE_Single_Node.pdf

In essence, a WebLogic Server domain (in this case OBIEE) has been configured as a SAML "Service Provider" (SP)  working against a third-party  SAML "Identity Provider" (IDP).

The situation could arise in a non-OBIEE scenario, but the fundamental problem is that the IDP response contains extra ? characters.  

(Normally there is only one of these in a URL.)

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms