I am trying to implement SAML for a REST web application. Currently I am using OpenEdge version 11.4. I have configured the appSecurity-basic-saml.xml file with the Metadata files of the SP and IDP. Now when I try to call the REST web application from the IDP, it opens an alert box in the browser with the message "Authentication Required" and asks for a username and password. I have tried the username and password stored in tomcat-users.xml, but it gives the error shown below in the log file of the REST web application.
ERROR com.progress.rest.security.OESamlProcessingFilter doFilter - User : Username authentication failed: Error in user credentials
Why is it showing an alert box in the first place? What credentials am I supposed to provide in the alert box?
Note: The IDP is sending the assertion in BASE64-encoded form. Please check the alert message that is coming up in the attached file.
Thanks in advance,
As you configured SAML, you should provide the credentials stored in your IDP. The alert box comes up as you configured basic SAML. If you would like to have it as a form in your browser, configure form SAML (i.e. the appSecurity-form-saml file).
If you would like to use the users in the tomcat-users.xml file for authentication, you need to configure Container security using the appSecurity-container.xml file.
Hope this helps.
I am using OneLogin as the IDP; it stores username as NameID, not password, and provides this NameID in the assertion.
I am not sure how OneLogin works. If you would like to have someone look into your configuration immediately, please contact Tech Support and log an RFA.
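Added example, not part of the thread and not Progress or OneLogin code: a diagnostic sketch that decodes a base64-encoded SAML response like the one mentioned above and reports the NameID, issuer, audience and whether a signature element is present, so the values the IDP actually sends can be compared with what the SP is configured to expect. The sample message, its URLs and the function name `summarize_saml_response` are constructed for illustration; the script does not verify signatures.

```python
import base64
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

# Constructed, trimmed sample response (unsigned); all values are placeholders.
SAMPLE_XML = """<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Assertion>
    <saml:Issuer>https://idp.example.test/metadata</saml:Issuer>
    <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">user@example.test</saml:NameID>
    </saml:Subject>
    <saml:Conditions NotOnOrAfter="2030-01-01T00:00:00Z">
      <saml:AudienceRestriction><saml:Audience>https://sp.example.test/rest</saml:Audience></saml:AudienceRestriction>
    </saml:Conditions>
  </saml:Assertion>
</samlp:Response>"""
SAMPLE_B64 = base64.b64encode(SAMPLE_XML.encode()).decode()


def summarize_saml_response(b64_response):
    """Decode a base64 SAMLResponse and return its identity-relevant fields.

    Diagnostic only: the signature is not validated here.
    """
    xml_bytes = base64.b64decode(b64_response)
    # SAML messages never need a DTD; refuse them rather than parse entities.
    if b"<!DOCTYPE" in xml_bytes or b"<!ENTITY" in xml_bytes:
        raise ValueError("DTD/entity declarations are not allowed")
    root = ET.fromstring(xml_bytes)
    assertion = root.find("saml:Assertion", NS)
    if assertion is None:
        raise ValueError("no unencrypted Assertion found in the response")
    name_id = assertion.find("saml:Subject/saml:NameID", NS)
    cond = assertion.find("saml:Conditions", NS)
    signed = (assertion.find("ds:Signature", NS) is not None
              or root.find("ds:Signature", NS) is not None)
    return {
        "issuer": assertion.findtext("saml:Issuer", default=None, namespaces=NS),
        "name_id": name_id.text if name_id is not None else None,
        "name_id_format": name_id.get("Format") if name_id is not None else None,
        "audiences": [a.text for a in assertion.findall(".//saml:Audience", NS)],
        "not_on_or_after": cond.get("NotOnOrAfter") if cond is not None else None,
        "signed": signed,
    }


if __name__ == "__main__":
    print(summarize_saml_response(SAMPLE_B64))
```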