Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-61157

Jenkins automatically set entityId as https://jenkins.company.com/securityRealm/finishLogin

    Details

    • Similar Issues:

      Description

      I am configuring SAML2 plugin to connect to Azure Active directory.

      In Azure active directory, entity id is created as "jenkins-test".

      But when try to logon using SAML, it return this error

       

      1) Application with identifier 'https://jenkins.company.com/securityRealm/finishLogin' was not found in the directory 'xxx'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant.

       

      2) Upon checking saml-idp-metadata.xml, the entityId is set as "https://jenkins.company.com/securityRealm/finishLogin".

       

      3) Nex step, editing saml-idp-metadata.xml to jenkins-test, retry the logon, same error appear, checking back saml-idp-metadata.xml, changes is reverted back to "https://jenkins.company.com/securityRealm/finishLogin".

       

      How do we set the plugin to look for "jenkins-test" as entityId instead ?

       

        Attachments

          Activity

          Hide
          wailoont Wai Loon Tan added a comment -

          I found out that you can specify the entityID in Advanced Configuration for SAML 2.0.

          Leaving it blank will force Jenkins to use https://jenkins.company.com/securityReam/finishLogin as default entityID, at least that is what i experienced.

          Show
          wailoont Wai Loon Tan added a comment - I found out that you can specify the entityID in Advanced Configuration for SAML 2.0. Leaving it blank will force Jenkins to use https://jenkins.company.com/securityReam/finishLogin  as default entityID, at least that is what i experienced.
          Show
          ifernandezcalvo Ivan Fernandez Calvo added a comment - https://github.com/jenkinsci/saml-plugin/blob/master/doc/TROUBLESHOOTING.md#no-valid-subject-assertion-found-in-response

            People

            • Assignee:
              ifernandezcalvo Ivan Fernandez Calvo
              Reporter:
              wailoont Wai Loon Tan
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: