Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-50749

SAMLException: No valid subject assertion found in response (Azure)

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Minor
    • Resolution: Fixed
    • Component/s: saml-plugin
    • Environment:
      Docker image jenkins/jenkins:2.107.1 (similar behavior in previous tagged versions too) deployed on kuberntes. SAML Plugin 1.0.5
    • Similar Issues:

      Description

      I have used the saml-plugin to integrate our login with Azure Active Directory. This works most of the time, but sometimes (a few times a month) I get redirected to /securityRealm/finishLogin and I see the stacktrace shown below.

      I have attached logs to this ticket for

      org.pac4j.saml

       

      I have followed this ticket, https://issues.jenkins-ci.org/browse/JENKINS-44992. My configuration includes the IdP metadata URL and a Refresh Period of 120. I have extended my Maximum Authentication Lifetime to 1209600, which seems to make this happen less often.

      Sometimes I can workaround this by logging out of office365 and then visiting the site. Many users in my org have just resorted to opening Jenkins in incognito mode.

      StackTrace shown at /securityRealm/finishLogin

      org.pac4j.saml.exceptions.SAMLException: No valid subject assertion found in response
      	at org.pac4j.saml.sso.impl.SAML2DefaultResponseValidator.validateSamlSSOResponse(SAML2DefaultResponseValidator.java:313)
      	at org.pac4j.saml.sso.impl.SAML2DefaultResponseValidator.validate(SAML2DefaultResponseValidator.java:138)
      	at org.pac4j.saml.sso.impl.SAML2WebSSOMessageReceiver.receiveMessage(SAML2WebSSOMessageReceiver.java:77)
      	at org.pac4j.saml.sso.impl.SAML2WebSSOProfileHandler.receive(SAML2WebSSOProfileHandler.java:35)
      	at org.pac4j.saml.client.SAML2Client.retrieveCredentials(SAML2Client.java:225)
      	at org.pac4j.saml.client.SAML2Client.retrieveCredentials(SAML2Client.java:60)
      	at org.pac4j.core.client.IndirectClient.getCredentials(IndirectClient.java:106)
      	at org.jenkinsci.plugins.saml.SamlProfileWrapper.process(SamlProfileWrapper.java:53)
      	at org.jenkinsci.plugins.saml.SamlProfileWrapper.process(SamlProfileWrapper.java:33)
      	at org.jenkinsci.plugins.saml.OpenSAMLWrapper.get(OpenSAMLWrapper.java:65)
      	at org.jenkinsci.plugins.saml.SamlSecurityRealm.doFinishLogin(SamlSecurityRealm.java:263)
      	at java.lang.invoke.MethodHandle.invokeWithArguments(MethodHandle.java:627)
      	at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:343)
      	at org.kohsuke.stapler.interceptor.RequirePOST$Processor.invoke(RequirePOST.java:77)
      	at org.kohsuke.stapler.PreInvokeInterceptedFunction.invoke(PreInvokeInterceptedFunction.java:26)
      	at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:184)
      	at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:117)
      	at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:129)
      	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
      	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)
      Caused: javax.servlet.ServletException
      	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:765)
      	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)
      	at org.kohsuke.stapler.MetaClass$3.doDispatch(MetaClass.java:209)
      	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:58)
      	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:715)
      	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:845)
      	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:649)
      	at org.kohsuke.stapler.Stapler.service(Stapler.java:238)
      	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
      	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:841)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1650)
      	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:154)
      	at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:157)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
      	at org.jenkinsci.plugins.saml.SamlCrumbExclusion.process(SamlCrumbExclusion.java:28)
      	at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:73)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
      	at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:135)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at jenkins.security.BasicHeaderProcessor.doFilter(BasicHeaderProcessor.java:93)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
      	at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
      	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
      	at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:90)
      	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:171)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
      	at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:49)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
      	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:82)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
      	at org.kohsuke.stapler.DiagnosticThreadNameFilter.doFilter(DiagnosticThreadNameFilter.java:30)
      	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1637)
      	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:533)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
      	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:524)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:190)
      	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:1595)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:188)
      	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1253)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:168)
      	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:473)
      	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:1564)
      	at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:166)
      	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1155)
      	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
      	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:132)
      	at org.eclipse.jetty.server.Server.handle(Server.java:564)
      	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:317)
      	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251)
      	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:279)
      	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:110)
      	at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:124)
      	at winstone.BoundedExecutorService$1.run(BoundedExecutorService.java:77)
      	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
      	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
      	at java.lang.Thread.run(Thread.java:748)

       

        Attachments

          Activity

          Hide
          ifernandezcalvo Ivan Fernandez Calvo added a comment - - edited

          Thank you so much, I was looking for this issue months, and now I have the SAMLResponse to figure out what happens. I'll plan to resolve those kinds of error by invalidating the session and redirecting to the login page again JENKINS-50004, for the moment the workaround is to enable "advanced/force auth"

          I'll dig deeper into the response to see why is not valid

          <samlp:Response
            ID="_65521826-71ff-42fc-93ba-9a9958370ba6"
            Version="2.0"
            IssueInstant="2018-04-11T18:48:42.429Z"
            Destination="https://jenkins.example.com/securityRealm/finishLogin"
            InResponseTo="_mcjoipte7kavyngvhqwbfzla9pp4kxb9b2s35v4"
            xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
            <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">https://sts.windows.net/67b039ac-f578-42c6-9b5b-aa1b5bb0388f/</Issuer>
            <samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status>
            <Assertion ID="_857608cf-646d-4ba0-9968-0e2a37b4b2f8" IssueInstant="2018-04-11T18:48:42.398Z" Version="2.0" xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
              <Issuer>https://sts.windows.net/67b039ac-f578-42c6-9b5b-aa1b5bb0388f/</Issuer>
              <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
                <SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
                  <Reference URI="#_857608cf-646d-4ba0-9968-0e2a37b4b2f8">
                    <Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
                    <DigestValue>...</DigestValue>
                  </Reference>
                </SignedInfo>
                <SignatureValue>...</SignatureValue>
                <KeyInfo>
                  <X509Data>
                    <X509Certificate>...</X509Certificate>
                  </X509Data>
                </KeyInfo>
              </Signature>
              <Subject>
                <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">USER</NameID>
                <SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><SubjectConfirmationData InResponseTo="_mcjoipte7kavyngvhqwbfzla9pp4kxb9b2s35v4" NotOnOrAfter="2018-04-11T18:53:42.398Z" Recipient="https://jenkins.example.com/securityRealm/finishLogin"/></SubjectConfirmation>
              </Subject>
              <Conditions NotBefore="2018-04-11T18:43:42.398Z" NotOnOrAfter="2018-04-11T19:43:42.398Z">
                <AudienceRestriction>
                  <Audience>https://jenkins.example.com/securityRealm/finishLogin</Audience>
                </AudienceRestriction>
              </Conditions>
              <AttributeStatement>
                <Attribute Name="http://schemas.microsoft.com/identity/claims/tenantid">
                  <AttributeValue>67b039ac-f578-42c6-9b5b-aa1b5bb0388f</AttributeValue>
                </Attribute>
                <Attribute Name="http://schemas.microsoft.com/identity/claims/objectidentifier">
                  <AttributeValue>83b0ac03-c7a4-46cc-90ac-143990d0a9eb</AttributeValue>
                </Attribute>
                <Attribute Name="http://schemas.microsoft.com/identity/claims/displayname">
                  <AttributeValue>USER</AttributeValue>
                </Attribute>
                <Attribute Name="http://schemas.microsoft.com/identity/claims/identityprovider">
                  <AttributeValue>https://sts.windows.net/67b039ac-f578-42c6-9b5b-aa1b5bb0388f/</AttributeValue>
                </Attribute>
                <Attribute Name="http://schemas.microsoft.com/claims/authnmethodsreferences">
                  <AttributeValue>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</AttributeValue>
                  <AttributeValue>http://schemas.microsoft.com/claims/multipleauthn</AttributeValue>
                </Attribute>
                <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname">
                  <AttributeValue>USER</AttributeValue>
                </Attribute>
                <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname">
                  <AttributeValue>FIRSTNAME</AttributeValue>
                </Attribute>
                <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
                  <AttributeValue>EMAIL</AttributeValue>
                </Attribute>
                <Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name">
                  <AttributeValue>EMAIL</AttributeValue>
                </Attribute>
              </AttributeStatement>
              <AuthnStatement AuthnInstant="2018-03-28T17:41:00.065Z" SessionIndex="_857608cf-646d-4ba0-9968-0e2a37b4b2f8">
                <AuthnContext>
                  <AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</AuthnContextClassRef>
                </AuthnContext>
              </AuthnStatement>
            </Assertion>
          </samlp:Response>
          
          Show
          ifernandezcalvo Ivan Fernandez Calvo added a comment - - edited Thank you so much, I was looking for this issue months, and now I have the SAMLResponse to figure out what happens. I'll plan to resolve those kinds of error by invalidating the session and redirecting to the login page again JENKINS-50004 , for the moment the workaround is to enable "advanced/force auth" I'll dig deeper into the response to see why is not valid <samlp:Response ID= "_65521826-71ff-42fc-93ba-9a9958370ba6" Version= "2.0" IssueInstant= "2018-04-11T18:48:42.429Z" Destination= "https: //jenkins.example.com/securityRealm/finishLogin" InResponseTo= "_mcjoipte7kavyngvhqwbfzla9pp4kxb9b2s35v4" xmlns:samlp= "urn:oasis:names:tc:SAML:2.0:protocol" > <Issuer xmlns= "urn:oasis:names:tc:SAML:2.0:assertion" >https: //sts.windows.net/67b039ac-f578-42c6-9b5b-aa1b5bb0388f/</Issuer> <samlp:Status><samlp:StatusCode Value= "urn:oasis:names:tc:SAML:2.0:status:Success" /></samlp:Status> <Assertion ID= "_857608cf-646d-4ba0-9968-0e2a37b4b2f8" IssueInstant= "2018-04-11T18:48:42.398Z" Version= "2.0" xmlns= "urn:oasis:names:tc:SAML:2.0:assertion" > <Issuer>https: //sts.windows.net/67b039ac-f578-42c6-9b5b-aa1b5bb0388f/</Issuer> <Signature xmlns= "http: //www.w3.org/2000/09/xmldsig#" > <SignedInfo><CanonicalizationMethod Algorithm= "http: //www.w3.org/2001/10/xml-exc-c14n#" /><SignatureMethod Algorithm= "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /> <Reference URI= "#_857608cf-646d-4ba0-9968-0e2a37b4b2f8" > <Transforms><Transform Algorithm= "http: //www.w3.org/2000/09/xmldsig#enveloped-signature" /><Transform Algorithm= "http://www.w3.org/2001/10/xml-exc-c14n#" /></Transforms><DigestMethod Algorithm= "http://www.w3.org/2001/04/xmlenc#sha256" /> <DigestValue>...</DigestValue> </Reference> </SignedInfo> <SignatureValue>...</SignatureValue> <KeyInfo> <X509Data> <X509Certificate>...</X509Certificate> </X509Data> </KeyInfo> </Signature> <Subject> <NameID Format= "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" >USER</NameID> <SubjectConfirmation Method= "urn:oasis:names:tc:SAML:2.0:cm:bearer" ><SubjectConfirmationData InResponseTo= "_mcjoipte7kavyngvhqwbfzla9pp4kxb9b2s35v4" NotOnOrAfter= "2018-04-11T18:53:42.398Z" Recipient= "https: //jenkins.example.com/securityRealm/finishLogin" /></SubjectConfirmation> </Subject> <Conditions NotBefore= "2018-04-11T18:43:42.398Z" NotOnOrAfter= "2018-04-11T19:43:42.398Z" > <AudienceRestriction> <Audience>https: //jenkins.example.com/securityRealm/finishLogin</Audience> </AudienceRestriction> </Conditions> <AttributeStatement> <Attribute Name= "http: //schemas.microsoft.com/identity/claims/tenantid" > <AttributeValue>67b039ac-f578-42c6-9b5b-aa1b5bb0388f</AttributeValue> </Attribute> <Attribute Name= "http: //schemas.microsoft.com/identity/claims/objectidentifier" > <AttributeValue>83b0ac03-c7a4-46cc-90ac-143990d0a9eb</AttributeValue> </Attribute> <Attribute Name= "http: //schemas.microsoft.com/identity/claims/displayname" > <AttributeValue>USER</AttributeValue> </Attribute> <Attribute Name= "http: //schemas.microsoft.com/identity/claims/identityprovider" > <AttributeValue>https: //sts.windows.net/67b039ac-f578-42c6-9b5b-aa1b5bb0388f/</AttributeValue> </Attribute> <Attribute Name= "http: //schemas.microsoft.com/claims/authnmethodsreferences" > <AttributeValue>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</AttributeValue> <AttributeValue>http: //schemas.microsoft.com/claims/multipleauthn</AttributeValue> </Attribute> <Attribute Name= "http: //schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" > <AttributeValue>USER</AttributeValue> </Attribute> <Attribute Name= "http: //schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" > <AttributeValue>FIRSTNAME</AttributeValue> </Attribute> <Attribute Name= "http: //schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" > <AttributeValue>EMAIL</AttributeValue> </Attribute> <Attribute Name= "http: //schemas.xmlsoap.org/ws/2005/05/identity/claims/name" > <AttributeValue>EMAIL</AttributeValue> </Attribute> </AttributeStatement> <AuthnStatement AuthnInstant= "2018-03-28T17:41:00.065Z" SessionIndex= "_857608cf-646d-4ba0-9968-0e2a37b4b2f8" > <AuthnContext> <AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</AuthnContextClassRef> </AuthnContext> </AuthnStatement> </Assertion> </samlp:Response>
          Hide
          dwatroustrinet Daniel Watrous added a comment -

          Ivan, I'm glad this was helpful. I was in the process of transitioning to https://plugins.jenkins.io/azure-ad as an alternative to this plugin, but depending on your timeline for submitting a fix, I'm willing to hold off on my transition and help you test any changes. 

          I'm also willing to help with the fix if you give me some pointers about where to start looking in the code.

          Show
          dwatroustrinet Daniel Watrous added a comment - Ivan, I'm glad this was helpful. I was in the process of transitioning to https://plugins.jenkins.io/azure-ad  as an alternative to this plugin, but depending on your timeline for submitting a fix, I'm willing to hold off on my transition and help you test any changes.  I'm also willing to help with the fix if you give me some pointers about where to start looking in the code.
          Hide
          tsevinc Teoman Sevinç added a comment -

          I have same issue for Docker image jenkins/jenkins:2.116 (similar behavior in previous tagged versions too) deployed on kuberntes. SAML Plugin 1.0.5  environment on Google Cloud.

          Show
          tsevinc Teoman Sevinç added a comment - I have same issue for Docker image jenkins/jenkins:2.116 (similar behavior in previous tagged versions too) deployed on kuberntes. SAML Plugin 1.0.5  environment on Google Cloud.
          Hide
          apowell Andy Powell added a comment -

          We are experiencing the same issue, but it is on every login.  jenkins/jenkins2.127 SAML Plugin 1.0.4 running in a pod in GKE on google cloud.

          We did not have this on jenkins/jenkins 2.95

          This is classified as a minor, does anyone know when a fix would be ready?

          Show
          apowell Andy Powell added a comment - We are experiencing the same issue, but it is on every login.  jenkins/jenkins2.127 SAML Plugin 1.0.4 running in a pod in GKE on google cloud. We did not have this on jenkins/jenkins 2.95 This is classified as a minor, does anyone know when a fix would be ready?
          Hide
          dwatroustrinet Daniel Watrous added a comment -

          Andy Powell I'm not sure if you're also using Azure AD, but I moved my Jenkins hosts to https://wiki.jenkins.io/display/JENKINS/Azure+AD+Plugin and I haven't had another problem. That other plugin uses OAuth instead of SAML.

          Show
          dwatroustrinet Daniel Watrous added a comment - Andy Powell I'm not sure if you're also using Azure AD, but I moved my Jenkins hosts to https://wiki.jenkins.io/display/JENKINS/Azure+AD+Plugin  and I haven't had another problem. That other plugin uses OAuth instead of SAML.
          Hide
          apowell Andy Powell added a comment -

          Thank you Daniel Watrous.  I will give that a try.

          Show
          apowell Andy Powell added a comment - Thank you Daniel Watrous .  I will give that a try.
          Hide
          ifernandezcalvo Ivan Fernandez Calvo added a comment -

          Exists a workaround if you enable Force auth, in any case, I hope the next version resolves all these kind of issues, I will release it in a week or so.

          Show
          ifernandezcalvo Ivan Fernandez Calvo added a comment - Exists a workaround if you enable Force auth, in any case, I hope the next version resolves all these kind of issues, I will release it in a week or so.
          Hide
          ifernandezcalvo Ivan Fernandez Calvo added a comment -

          released on SAML Plugin 1.0.6

          Show
          ifernandezcalvo Ivan Fernandez Calvo added a comment - released on SAML Plugin 1.0.6

            People

            • Assignee:
              ifernandezcalvo Ivan Fernandez Calvo
              Reporter:
              dwatroustrinet Daniel Watrous
            • Votes:
              1 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: