Caught Exception while validating SAML2 Authentication response
SAML authentication implemented in Pega 7.1.9 worked properly. However, an error occurred after upgrading to Pega 7.2.1.
Unable to process SAML2 Authentication response: Caught Exception while validating SAML2 Authentication response for SSO profile: Request ID doesn't match In response to field of SAML assertion,Possibility of a security breach.
Steps to Reproduce
- Use SSO for Pega 7.1.9.
- Upgrade to Pega 7.2.1.
- Log in by connecting to SSO.
User-installation error: an older, overridden version of pySAMLWebSSOAuthenticationActivity was used.
Perform the following local change:
Copy the out-of-the-box Pega 7.2.1 version of pySAMLWebSSOAuthenticationActivity and modify it.
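The check named in the error message above (request ID versus the InResponseTo field), shown as an added illustration that is not Pega's code and not part of the original article. The function names, the `pending_ids` store and the sample response are assumptions constructed for this example.

```python
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
}

class InResponseToError(Exception):
    """Raised when a response cannot be tied to a request this SP issued."""

def collect_in_response_to(response_xml):
    """Return the InResponseTo values of the Response and of each
    SubjectConfirmationData element inside it (None where absent)."""
    # Real deployments verify the XML signature first and use a hardened parser.
    root = ET.fromstring(response_xml)
    values = [root.get("InResponseTo")]
    for scd in root.iterfind(".//saml:SubjectConfirmationData", NS):
        values.append(scd.get("InResponseTo"))
    return values

def validate_in_response_to(response_xml, pending_ids):
    """Match the response against outstanding AuthnRequest IDs.

    pending_ids: mutable set of request IDs kept server-side for the
    session (hypothetical storage, not a Pega structure).
    """
    values = collect_in_response_to(response_xml)
    if any(v is None for v in values):
        raise InResponseToError("missing InResponseTo (unsolicited response)")
    if len(set(values)) != 1:
        raise InResponseToError("Response and assertion disagree on InResponseTo")
    request_id = values[0]
    if request_id not in pending_ids:
        raise InResponseToError("InResponseTo does not match a pending request ID")
    pending_ids.discard(request_id)  # single use: a replayed response is rejected
    return request_id

# Constructed sample (unsigned, trimmed to the fields this check reads).
SAMPLE_RESPONSE = """<samlp:Response
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="_resp1" InResponseTo="_req-123">
  <saml:Assertion ID="_a1"><saml:Subject><saml:SubjectConfirmation
      Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
    <saml:SubjectConfirmationData InResponseTo="_req-123"/>
  </saml:SubjectConfirmation></saml:Subject></saml:Assertion>
</samlp:Response>"""
```

When this kind of check fails after an upgrade, comparing the ID of the AuthnRequest that was sent with the InResponseTo value the identity provider returned shows which side of the exchange is out of step.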
Published September 2, 2016 - Updated September 13, 2016