Support Article

Error while connecting to ADFS

SA-37331

Summary



An error occurs when accessing the SSO URL with Pega 7.2.2.


Error Messages



<date> [<Thread ID>] [ STANDARD] [ ] [MktFw:01.01.01] ( internal.util.PRSAMLv2Utils) ERROR <HostName> - Caught Exception while processing SAML2 Authentication response
com.pega.pegarules.pub.PRRuntimeException: No attribute statements found in the SAML Response,Unable to deduce an operator record for further processing


Steps to Reproduce



Not Applicable


Root Cause



A defect or configuration issue in the operating environment.

There is no attribute statement in the assertion sent back by the identity provider.

PRPC, as a service provider, needs to identify and initialize the operator after it is authenticated, so the user needs at least one AttributeStatement per response.

Resolution



Make the following change to the operating environment:


Configure the identity provider to pass a response that contains a "<saml:AttributeStatement>" element (example pasted below).



<saml:AttributeStatement>
  <saml:Attribute Name="mail" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
    <saml:AttributeValue xsi:type="xs:string"> email_address </saml:AttributeValue>
  </saml:Attribute>
</saml:AttributeStatement>

Published May 2, 2017 - Updated May 15, 2017
