fartyalvikram
New Member.
993 views

IDP response was received that failed to authenticate

I am using Access Manager 4.3.1.1.
I have two eDir configured inside Access Manager User Stores, first one is iamidm03 and second is iamidm04 on Server replicas.
Both eDir servers are eDir Replica Server.
When I try to access my protected resource, after authenticated from SAML2 IDP which is configured with Access Manager, it gives the following error on browser
Error:An Identity Provider response was received that failed to authenticate this session. (300101041-8DBCA17FA42045C0)

When I configured only one eDir inside User Store then it is working fine, but with two eDir it gives the above error.
Access Manager IDP logs (/opt/novell/nam/idp/logs/catalina.out) are given below when they gives the error.
<amLogEntry> 2018-02-23T12:12:07Z DEBUG NIDS Application: 
Method: CacheMap.A
Thread: http-nio-192.168.1.116-8443-exec-3

Retrieval of object from cache session failed using key b72985f599f5e408236ef2051c020b7d8cdae1266dc0f02ed57280ca7c80c721. Cache size is 1
</amLogEntry>

<amLogEntry> 2018-02-23T12:12:07Z DEBUG NIDS Application:
Method: CacheMap.A
Thread: http-nio-192.168.1.116-8443-exec-3

Retrieval of object from cache ancestralsession failed using key b72985f599f5e408236ef2051c020b7d8cdae1266dc0f02ed57280ca7c80c721. Cache size is 0
</amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: NIDPProxyableServlet.myDoGetWithProxy
Thread: http-nio-192.168.1.116-8443-exec-2
****** HttpServletRequest Information:
Method: POST
Scheme: https
Context Path: /nidp
Servlet Path: /saml2
Query String: null
Path Info: /spassertion_consumer
Server Name: sso.staging.ca
Server Port: 443
Content Length: 25511
Content Type: application/x-www-form-urlencoded
Auth Type: null
Request URL: https://sso.staging.ca/nidp/saml2/spassertion_consumer
Host IP Address: 192.168.131.147
Remote Client IP Address: 192.168.131.10
Cookie: (0 of 8): JSESSIONID, 04ebedcb74e0a7c0022db69966975cc12ca15eeaaa3025ecc47fae1b146e8907
Cookie: (1 of 8): UrnNovellNidpClusterMemberId, ~03~0Bslo~0A~0B~14onn~0A~09~0Fn
Unobfuscated: UrnNovellNidpClusterMemberId: 192.168.1.116
Cookie: (2 of 8): IPCZQX038bc8f30d, 01004f00c0a8830a2bd0dd56b4bbcf5aede7f92a
Cookie: (3 of 8): ZNPCQ003-33363400, 37898e60
Cookie: (4 of 8): _ga, GA1.1.1028638468.1519387894
Cookie: (5 of 8): _gid, GA1.1.668536342.1519387894
Cookie: (6 of 8): _gat, 1
Cookie: (7 of 8): idpLoginType, test-remote
Header: Name: host, Value: sso.staging.ca
Header: Name: connection, Value: keep-alive
Header: Name: content-length, Value: 25511
Header: Name: cache-control, Value: max-age=0
Header: Name: origin, Value: https://fed.ehl.com
Header: Name: upgrade-insecure-requests, Value: 1
Header: Name: content-type, Value: application/x-www-form-urlencoded
Header: Name: user-agent, Value: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.167 Safari/537.36
Header: Name: accept, Value: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Header: Name: referer, Value: https://fed.ehl.com/fed/sp/authnResponse20
Header: Name: accept-encoding, Value: gzip, deflate, br
Header: Name: accept-language, Value: en-US,en;q=0.9
Header: Name: x-forwarded-for, Value: 10.224.128.76
Session Id: 04ebedcb74e0a7c0022db69966975cc12ca15eeaaa3025ecc47fae1b146e8907
Session Last Accessed Time: 1519387873043
</amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z VERBOSE NIDS Application: AM#600105004: AMDEVICEID#8DBCA17FA42045C0: AMAUTHID#04ebedcb74e0a7c0022db69966975cc12ca15eeaaa3025ecc47fae1b146e8907: Obtained ip address of cluster member handling this users requests from HTTP cookie. Address: 192.168.1.116 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z VERBOSE NIDS Application: AM#600105002: AMDEVICEID#8DBCA17FA42045C0: AMAUTHID#04ebedcb74e0a7c0022db69966975cc12ca15eeaaa3025ecc47fae1b146e8907: Do not need to proxy HTTP request to other cluster member. This cluster member can handle requests for this user. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: CacheMap.A
Thread: http-nio-192.168.1.116-8443-exec-2

Retrieval of object com.novell.nidp.servlets.NIDPServletSession@6dc1782c from cache session succeeded using key 04ebedcb74e0a7c0022db69966975cc12ca15eeaaa3025ecc47fae1b146e8907. Cache size is 1
</amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application: AM#600105011: AMDEVICEID#8DBCA17FA42045C0: AMAUTHID#04ebedcb74e0a7c0022db69966975cc12ca15eeaaa3025ecc47fae1b146e8907: SP saml2 handler to process request received for /nidp/saml2 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: CacheMap.A
Thread: http-nio-192.168.1.116-8443-exec-2

Retrieval of object com.novell.nidp.servlets.NIDPServletSession@6dc1782c from cache session succeeded using key 04ebedcb74e0a7c0022db69966975cc12ca15eeaaa3025ecc47fae1b146e8907. Cache size is 1
</amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z VERBOSE NIDS Application: Session has consumed authentications: false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS SAML2:
Method: SAML2SSOProfile.processResponse
Thread: http-nio-192.168.1.116-8443-exec-2
Received assertion consumer response </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: NIDPContext.getRelayStateDecode
Thread: http-nio-192.168.1.116-8443-exec-2
Property read from local file --------> Property:decodeRelayStateParam Value: false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z VERBOSE NIDS Application: Input param url: MA== :: web.xml param value to decode: false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: NIDPContext.getRelayStateDecode
Thread: http-nio-192.168.1.116-8443-exec-2
Property read from local file --------> Property:decodeRelayStateParam Value: false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: NIDPLocalConfigUtil.isPostInFlate
Thread: http-nio-192.168.1.116-8443-exec-2
Property read from local file --------> Property:IS_SAML2_POST_INFLATE Value: false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS SAML2:
Method: SAML2Profile.handleInBoundMessage
Thread: http-nio-192.168.1.116-8443-exec-2
InBound POST message was NOT inflated. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS SAML2:
Method: SAML2Profile.traceMessage
Thread: http-nio-192.168.1.116-8443-exec-2


************************* SAML2 POST message ********************************

Type: received
RelayState: MA==
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://sso.staging.ca/nidp/saml2/spassertion_consumer" ID="id-rebLniAVKxzhnM-oOW4Tgc3dxRI-" InResponseTo="idPVme-l5yQAwG9rndalcjKs-At7Q" IssueInstant="2018-02-23T12:12:06Z" Version="2.0"><saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://fed.ehl.com/fed/idp</saml:Issuer><dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference URI="#id-rebLniAVKxzhnM-oOW4Tgc3dxRI-"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>vR4VlYvu1x/6gW9b5eow7qI8JNo=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>llJUcWi05w84E/sgCq3DX0qucmvu63zFFYNaUdOSqL0ae4cw1+NnANtgSo3l1CBqJ1Iv4waKSNnZ5ikRtYLvvrgyiX2+du5P+zd0hT36DjmyuAYMDv2ylUn8lJqmLA+dvbu8d9PKtoB6eOCWWSI25pgZrbktSG1tlU3Qjol6nrFLWdr08AQKTBrAHtp8ZcfXcZOHfrcdTGov/3l0wsSuNy5uFcSJ96WtGNWscMlUv7YVQBk1Wkhy9ef9q+463jdWNu6BWqjzlHNLD3KFpA+TcGTWA/jzwAvCy5hqVKWWZrlmOu4Ybp0ztIS5Tc1v1BEJdSyHAZmgkJteKZufWQuUuA==</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIHCzCCBfOgAwIBAgIEUMru8jANBgkqhkiG9w0BAQUFADCBnzETMBEGCgmSJomT8ixkARkWA3NzaDEbMBkGCgmSJomT8ixkARkWC3N1YnNjcmliZXJzMRUwEwYDVQQLEwxTU0ggU2VydmljZXMxETAPBgNVBAsTCFNlY3VyaXR5MQwwCgYDVQQLEwNQS0kxMzAxBgNVBAMTKmVIZWFsdGggT250YXJpbyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eTAeFw0xNzAzMjQyMDA1NThaFw0yMDAzMjQyMDM1NThaMIGTMRMwEQYKCZImiZPyLGQBGRYDc3NoMRswGQYKCZImiZPyLGQBGRYLc3Vic2NyaWJlcnMxFTATBgNVBAsTDFNTSCBTZXJ2aWNlczEMMAoGA1UECxMDT0lGMREwDwYDVQQLEwhTZXJ2aWNlczEnMCUGA1UEAxMec3Nob2lmMWEwMDAxLmVoZWFsdGhvbnRhcmlvLmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApv3tAcmYHMb/kD1ZAjTLwhUji6y0krpOKs0JCqcHrdJuOSinlQ36ncAGi/0hvEeXh/30XgbGDFw7/ovnQGrgVHXpqMBfb/0dUfSepyZHnA6XAQJ+o9Om310XrAFk6/53zYW661gxYQ1XsMYBYj5u5xCtaIP61wvah9JWV/HGiBE4yoTAvz5MtndI/i/riXMQs0W8Cz/41T9rSkm1lqDFDFTGoQBA321KLYc8NG1B238Dy6ZWmv6Jeoey19dnpQctESGX+S2z2z9GuV0GfrGkybO+swApIktIQvkuJMjVZASW1wQ+jNOaO8AysfzvrisRHTNC5zIcTcGkbGeYGhtgJwIDAQABo4IDVzCCA1MwCwYDVR0PBAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjCBzAYIKwYBBQUHAQEEgb8wgbwwgbkGCCsGAQUFBzAChoGsbGRhcDovL2NybC5zc2hhLmNhL2NuPVNtYXJ0JTIwU3lzdGVtcyUyMGZvciUyMEhlYWx0aCUyMEFnZW5jeSUyMFJvb3QlMjBDZXJ0aWZpY2F0ZSUyMEF1dGhvcml0eSxvdT1QS0ksb3U9U2VjdXJpdHksb3U9U1NIJTIwU2VydmljZXMsZGM9c3Vic2NyaWJlcnMsZGM9c3NoP2NhQ2VydGlmaWNhdGU/YmFzZTBHBgNVHREEQDA+oDwGCisGAQQBgjcUAgOgLgwsc3Nob2lmMWEwMDAxLmVoZWFsdGhvbnRhcmlvLkBzdWJzY3JpYmVycy5zc2gwggF4BgNVHR8EggFvMIIBazCBuqCBt6CBtKSBsTCBrjETMBEGCgmSJomT8ixkARkWA3NzaDEbMBkGCgmSJomT8ixkARkWC3N1YnNjcmliZXJzMRUwEwYDVQQLEwxTU0ggU2VydmljZXMxETAPBgNVBAsTCFNlY3VyaXR5MQwwCgYDVQQLEwNQS0kxMzAxBgNVBAMTKmVIZWFsdGggT250YXJpbyBSb290IENlcnRpZmljYXRlIEF1dGhvcml0eTENMAsGA1UEAxMEQ1JMMTCBq6CBqKCBpYaBomxkYXA6Ly9jcmwuc3NoYS5jYS9jbj1lSGVhbHRoJTIwT250YXJpbyUyMFJvb3QlMjBDZXJ0aWZpY2F0ZSUyMEF1dGhvcml0eSxvdT1QS0ksb3U9U2VjdXJpdHksb3U9U1NIJTIwU2VydmljZXMsZGM9c3Vic2NyaWJlcnMsZGM9c3NoP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZTArBgNVHRAEJDAigA8yMDE3MDMyNDIwMDU1OFqBDzIwMTkwNTAxMDAzNTU4WjAfBgNVHSMEGDAWgBTwr4+8yOXi4+LVUaEHPBIHdeYiwTAdBgNVHQ4EFgQU3xI+8a69GrLFwwQ8/OYDfusvbcUwCQYDVR0TBAIwADAZBgkqhkiG9n0HQQAEDDAKGwRWOC4xAwIDqDANBgkqhkiG9w0BAQUFAAOCAQEAUi5uRBEdAki17eejNFEhSGjDpECFLPfH8HtRPQWC3yaS40xEUZ93MTW+u4eNL41cGbYtTA/Q3/UKsaCGQldacIv3xQVQy33eIgi/DWEXFr0eCnugtfKXAK2qbFWDvQye/zLfmvnmnMi3R3O6UKcZDu0edb3YK+GQNdNX3RdoDA7CaR6biWRSo+jLagK7ORFkeSWxZt2wYGuAvC+Sntw0i/DUAnRWSPHuzRjjUo7W/bg7tRi7JHSEJAtOqz6GjOpfN4lZAyPFg0r0SsSrSqIJciTBCxmxy3i7LvvKGYfRd6oCO92LdbHABhHYkhyp8qyNmXWZPsteshGEt35YTUCbKg==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo></dsig:Signature><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status><saml:EncryptedAssertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="id-B37tuPsdSJjCvvgXFbccwpW2NtU-" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:RetrievalMethod Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey" URI="#id-xVi8bYT9Ug68Z5-BN-a3ulPD48Q-"/></KeyInfo><xenc:CipherData><xenc:CipherValue>6+e1w48kT24/xx0wneOVKL93hIwPGg4ZbCn5LWyanjLxpLN/v0zEm2kYqrqsrELe+dtrr0VVEnM34zhAri77B97Cw6yef6t8LYkkLqys1PW03X7P8OdLNN4WTkFD4YsgH60GHF1uWF5jL+tHyYaQriCFJSMJ+yZyrJVJNe+fJLEwDeu0AiS/wdppuTukfNcy/VvPjwH23ZKiUQAi+gR6yGW3xOdFh0v/ObZA5+MjTEHfMBS5fZYipt4w7maAcEUzjlrFXgfY9mfjrOnSa8QoEJIqvb2I7CjEI+YHPfUd3KM+nJcVUKF3SIanVI9AGdjmuwhm/Jv760efB08d35L0U6O7hPpOmR97TLqJ89Go6JrXfwruMA6H7tJ22XbUr393k5fCICR9rW03xmyK9Guvp9o4qNPy6aTN2G+w4HjE31XQoJOesLZXd756/wnYXooKkuuOZKj3HmuGn94fJGAihvWKUUNrEXKPIjHv3fPXx+DdGV1tLf9W4nUpNC4dFH/jqHahOFg72uYOlOQu7/z2Udrc3YJY71Z3kDKrdO3hlTV59333PQweLXuwYmQH5GlMd1DX15n2fLNI2AxZ9xTBvttLPTPI5SyjW398aNG9x2hwSSQXTnJZBQNlDYZlCl/2jUZcCkbde6db3xWv2N25p3fy8526IW/fZQi1Oj8VFVU6IGrY3cH81SYV80TVLIOFBdxTlgJdQ4e71z8rv75LTSnZhQvXUm2yHw6yBh1vvQRRDMbfN4s283KRv8qB3KwqCjtUkWEaqPtPmeqGnK16Zdm/RQWdN1qoEdse2r1kbENOjNg2bbrzSX8gKqktr6xHmSWV0W+ai6VcV0KmXkNBIBUxt+qJKkt8l6DPnusj/+YDjogs6lcw2MzrPViAMi+r6Kwqppg5avhbQswQoW0b49h5ZGFk1Zm1lviRKLi3VIfgKF+bFmtE8F93SJNBdTi30mN/xfT2eQ0Qjc5TN8eqVo+anNS1DtiOiD6jT68kngQ81AOaxt0xh+BBHj7KUK708FUlAqqprmZJJu/elJit9GfiX1m+gTMswehQx+bkob186/OTgi/GTa2Xvu7fURif0docf832GNgEtP47WxrG3fm3GoBp8T8DxEJiIViuZNfy7E1bUo6XNXq6ztslsx5nXUpLJzsIQdk6A9NhkwNTmlSQFjCM/fbG2hnvJcvvNhUdCumBe1VpemGazBneWxgAuaGT5HWZeTzQzMyHT1JUIwTBZr6xIuWsDL8O2uovjfbaEhvw6vRDHFmkMeQWXa9MF+gxUB715q+KB/XfvIuLPuWOVAz8g86bJPdEPjS1dJy9kcmpZ+v7yt1MZYDuJljjuul4PaVPXXw9PUX40J9RM3JLaHvkewXjADD/fYJiu89Dp7BNO70wFeLtiCGRpFgJVDOQvBXIgCZ5vcKGlQt8UPhHDa6qOivoDsN5C7makZhGeglORQOx9dZKOfCtTcZdY9GmafWAMRUY+n0w6pFtFDFbazUNQ7z/ATR4vHhyqfypTxZH9IPTTWWB6ReaN4zkAY/sQpo7onDL3oVHKzuA52ThlqWX1b8Ogglp9IfOajtLPVAKgTpBgi1KRdZ8SNQ92BewOnBZXp5V63hgvdZG9CBNFjrZT4vI9NeFOsH3ujvPMklOeq06aHRErijaSWikEJjdrEE4igNbn21rRK9VjycJHTb8l5JPj7rosL1AGl4eYalkEWtIbCH1Nbvp6hRaZygrSE51Uk10RfA0rnbk+TL8RHIeq1ZHzmoxBA5zJPQf1L4stoTV9wy2u8+G0ypl0y2PutCgKMQEa3F4HfpGcmOPkcWWG1cVbKmcXrHkgfLQEuyRvr91S/6bVqVoKNJmCduPRrD6H7nITGjA+kfm/bfewioIxwzi5CP8lZAg1cceaNil8uXhYvnBJMIW34WUmSiit0mDGf/yq65gkmk2Unt4L0mWKQX2tV4yVkCb+E4SgmsVRhwBQrpr2IAVmK4fAHUlsYanXL0f9ztQDBiJfzqG3uZEnGZ0i5nF7D6CG0GW2bvjJJv1COVRZFiWrAz6mIYw8sT74sEb++tyHcd1gm/T3/tUJoLe0GqK0nr9AkqiPyoYokNYlJ6UjEQ9iggKia50iLdH44HasOpnZOIOvpC4ZWlCea3J+ABcXXMm2zeTVzop90wGhCQBxhyN6dqDcCgTHZMP/5HcZBq6oPSV22u/v1207m6hswJAr6PBbbe81rO5oS0Sa/xrj22oh+LQ/U2lKwtaB8uLwHU8Y7E1EFokNoSfFkKnlGMWDdGeA24Tre2MBb7Uoat/v7lEqD5VcnFObwSmES0+2JhP73MN3yR8cQ9SBLFewUgHDUTo3cpaw2+m//Vilw6n49/8FO7pWgEXCRgf2WFbv8YesSUxGuIXwm0k1k3EnrRDTLHf/sfZBBtfsVKixh7/fvWS4EMcSZj53Jg9zXfXGGnSj+94wsOJXqb34sFOFs5XlR8q3aIcSN+pn21SBu4Au7VCnD7HrMNKgE7RFh2WY2Jc4AqZ4xJFeqv86MiP76Lx4jVxbAS1E7wdTaWwuBKxK6CzT0vhyZgBj/MYNxs7w2m59KA5s2lVtoBXCehvzPmWijE+0XKSut2+GHAafbUBwP5ba/NTM6977D8G0a/4z9LKAiJYTTmQb9auRsAPABiU2WauoFUgSOWQ7yY8GGuNlNjijD4sszAwkoCCwlMfjL04eHNPr233+h0RM6SYWc+i6UKC5aPc1N58M4q58wfGj0BLD8+9skS0UjUbHsBJI+P7ckrGp8TZpWIVN5rsK1ekOVKmvYZxDSDtLOLtLBK24RZIHXVvf+rpTqBhWwxTz7BP7JjeoSKwixmfIMqiXCXkmDuRWWO1uvykQeKeTrfAezz1+JpQKv/O64kqvVuu8LmuIKQfDadpGPNPBx6s7vx7DszSxAr6oZBq0+B+ak9ov2HTifSfToXyIxZnJoymgiIiIREV2e41WCVHUE6LGq6F6uFsceAlEDlWHRuSAe//GNDVQTUkZgq7ZSMAtgTNsKrMCCAs5YrAv5goSQXBi2BqgwM2zP4xjPHK7ZMlZPL6wuawKGbEcrGJX0go1S/wxZvte8FbLNPhMzWICR+PXopJZy/YAmZXtiDWG7ErWxofA5uzlT7lxjHxlUiJ3CWo0H+bwqmzJ/AN/6HAduzEMIbt5oaMhgN5cPS38rP+5sd/kQexwOP9Wmhz796bpgKs/tcY3008DZNcpAJ6oE/7i4b3es41dlmwruzzlA/3S+X2u56/LBe/SFxISBPrLY2betZL4XQK3WtR/62C7oTlr1C+eRYm3z4iC7C8G8J10g+IODzAMIKUxr66SHJDKFL/ECtLLnV0uh2fCzeDLERRg/mXUDyQQHHigenXD9vKusu6vGuVYfj4thrFe++aF/+9bkju54ZH2Wp7SYeo/BHABX+NnZ5Yp4nRfYQ7ty551Qsok6BW0yHugyxxDvo0i9Y17Uk4xj3DhH9GWnKh27lxwj4Jr+uBuOJzT8+l3IWM4Tx6vbZgskIbDHrGG8yu2RzfEJY94ilwmi3jBfB4GYHz3j1+N8bBXmdmozjEpo4USj4bTVWIJbydcTMutJ9rgiVgQ3jutVe+905gwMP8LHPmwbh81zl9JxpS3WbPMF2rFeoWNbgO1EgDzVpQE8o4NZoNSty7Qr7FnLomQwPUkEsiqkWaHJLgM1TI9T4LrkGwIuMBfBvCZ81Aip222c9csiogmTO192od1CRlABctt8N+pGCs4fv0M5LSBtcwfocC+CFk3hr43GfaGlfhDMCCaLi88wOvITaFX5sOnOkqGTVPMbGRg0eu8fae5R2zys5esHznVpHzUxt7fgnN5E5IdONfDbauQJO1gEN4aNMste8Azoukzjd9An6Kc2yFoH4igcMeQQtLtk1+fxCHKzYRYH/aS2nLlkkO+RDcys/sDbzqOs/2SlApmf0yJ8z8wKJ1qP9xuHarrChySae417ZHf1PhjnR/J0d1AvWJts50gl7/8xPUKz6J1tsxRTNn/YEM+KXDjv5PJwiJbSLYQ3q1+N/sKOimoJGtoSTR8XetdUxSYF6LQXzf7UzKgQ4NRc521gtNnPuX0ahzYH1tccbniI5t+vcZ59J/qwlrr7DRbLm7yd+/LTx+plrAnJx5Yg1lGhKqQ0iUFdvs1c3qVz50U6HmgJqmb2bWVLn1qa62ihwYC/eOX113FbDjFE05kNjKtA1hfnYj64uGeVI9UaTk8ZsLUgoJZLjHSkOUXUGLccJKPmew8wCskfNmGgb1POEEcask6dtqg7HWloqJYGm8A2SGhSLQhVjsRUhsyDsoIukC6lMCQxPITvOCxG7n0/YlWq6LAlhXZli5J+PWg006mL9B2JUiqX7aW92IDr9JoLV42tOe6iDtDxab9tkzAY7Klq62d5Z60wZlM3GZa9NHCj9tymIdpTdH9C38RoV8/q+SCz0Ewd2XSnX31RhYGlYHwAzLQBA9Iu9IPJ8W/UVW8d8OUzVqfimBMVKqk3MW13/TyYcE8cTCwkmjouJQ5XHEqVBuvUzubJV5+z7TgGKoi//AGIYgT6GO/FEyyh/nJdvsbswBAI2D7SVpHOI1hMaqnGomfkHBtzeOm8K/NC9kNE0z6cOhKQoybWTgipXqON3s6Qlf7CKRKL1y/HAAZxH20m99hOFq4909DqByjQ3oDVtGzVP11JFUmXMWHiM3jYxIHmNOVHfroyw9v3khvhT4rNFgTWxqflUoJiU6vEXldy3dSiCpLW80QygwlipAFIHUyS6N1yhqfK7SgrbQ3KwMO7wa7HarKwPWBYj5csTPgtrRRHbgaIdQhYdUhNtt8bMClC1TPQ+/byJ0fxFPNfVDNNzcdut3q/+1W+sb386RyeEkbJ44fxl9JIZW/zmAf8Txtp9Z9z8DlBTmVLL6ombbmDZGsZhuQZeGTBmVK0WBvNc0D4T322S8eIeIBKcrFJfp560mC0ueQvaAMLmNswjp5y5xIznEkGCA24AL4nU5gWxLaV0l/N3LYyrRaHKgAGQ23062iOmdDK0QKJ1wkBmqIH85srR4UNnwiLvXp1BFO4Nao6XIQRjjnG+tKwY24QILVje/DZH8dD1NeK8KaKbrgOlMZMawKrXjn+F7cYylKKWw3GcLA4ipbpqmS1esnODYKViY6C3k27AmCVAlSQt/8DaHJhxcu5+ubz2fI+M9YVrHKg8wZfgtkXcNDP+O2r7loefmQV7KVdOQlmDD8BOH7QjhcDLz09w6YtDFlJbL3OZ2wErZf1lWQlrB8h6ed6qcO0U4CjsrsztfFChrphTvobyWUbwQdncQlAwOk2ZgxO3uwzAuE3Y3mQTPAIwfYGa62dhExfRP7Qf25Oj5XH978fGXH/4ko/METCPUj70vTSUKKbmV5XbZ4+lOBQnGO3OY56X1C83LQG7UA/s/W6jDf8kHIFeTxDP+zDq7MCqf/Qik/XBgYO4KkDTtyW2043pFwSMHBK4NCipq+BWwGD/34gXJWYNuXNN8YeZdCy3CeszGJ2iWoCF8wPHre1XeVIbgrE/CVRGBi9rj7eVvfQauXY4DHT1FH3BU+Ys9zIpItLbHaSj4PMTV8Y1/0S1OnDp0NoTpMkYCJ9v853i8FCoafOi1TB9C6rM5Tws845M9MD8NngmymLrtCXc0cziK6O942L8xLim7XmCbTyK2RwDWf4bgTAcwuW9mpTnCjCP2k7lSe4GnQAk1+goJxZeIiWOzpWEC7XKnvY1mt7X2uHYZWyN7AMQy03Xoo8Q6f7n05hCHn5cNcv44jtPwpD3a+xk6cHR4fVPYBZqBWOgZ1BU6h9/n+Bp/rMuVYmk4FpUyUiuG/Dny1iFhSx2/mHaJIYT0vrPRRiksXiE9u+GTa/HQc8b1hb9O39I0wmhc70GHi4fG7FjzMVe99pZT5yweCOotDEQhDcoPreETrr3/mcz1VOSTokRQW/x/+pUGyDw7sbrchxsJh1z7CTg2nk3tWQgBn6k+6ikw3LDyGhN+PujkX4nx9IcVKF3yTRZ3pKwVLcmxDQ3wYbvj1UyD6PHaRjLOd7o+6xeGloTSAuIbNCdaMiw9Nz38OyHuqMAE5lGO9TfeQB72JlR8ocxHxQ3I8Iew788WrgLwbTlXKWCJ0QW7OEwjv9kwJ1OTtGwYaOvnd4sozO61Yp9g0HzHnrz0ASKqen1qG372F/GbJZvzJHxZMIxHs2v2jev7ET4MGg+oIAUg2FhPWSxrFQ2Fk7hU7Fx0cE50zEf56/crZxqmUqohH2LEZnK3gMzL+aTbwo7S1Kje1smZh5KsEjspeBvQq1PYdk0YmfHYAV0mpqG2baeV5JtBmMCZc5P31u2R6nDdBoMGivH9NZPUVNWfD7acXpbg+ZDJ/mwsw+BmZ6uCQvFeMqQDDVxHfjBm104eRh0NXz5ajwearYXqMfO6o2zBU7VHsi/axaRKPZF8BWAbuVeBLjdxUGTgbthBZ1AxDhPYBqB21eVxS8I5+xLNS1FE5HRQAAtLrtXCG2Sf5tIYRMKe34Zzje2oU2bfm8a/k8vbiorzMj3FFGfLL2z2MltxJ3rIE3rrMfadNw2u5ZrpIGlCAERDQLQeUDXTuQBFuR4mhsATMwbyKUZdUq9kciR0Im9RE0aOSpp8Pu2pKnkyrvA84/yC0wr++WwaNtyLsim85zPhoGC2M38O7gqTTi2kjPkoeOuTSqNJW0uh93PY7e6V35DP6zqi679aPJN2DoWo5BmTQ7WeghX0bPWP6RImIg5PEKwupij8/AFvxz7PuYpervvxskv/Vhr5whFbXxMOHjI16EGxO7H7xz0ZzHglMnSMv7CDZF6avl0+kZ41hiVIir5anhoJpcnYMaNFv9lidNJ7VYGadXKJIS8ylm2hka/RLtT7AeUzaaCmVDxGHVK8TiCPRwPWfPJmG9Wm7iNgZDSnLOixy8RnnuVyk3mi9/ZeLZ7nQn8IfsCcsbaCjgQ2H71NC0pdTtvomVmYnLRtiH1cSmLQ76TDrhwzwZSmZSiF+sg4zlWATnJCmyPgUbq1AdjVdMOueIePYaiVHgx0tr9BrO4T6Av8Z6DPrnM6qkclBkXCIYo09EqTNoOn0fU0/ZlLNNih0vHvxw1BWclqrnfy/ZhaQ6LmzydusZmA+2tlece2DtT4xL0Q3quYkHHO0czoeGf0+Ekq3Mia63qaV129gEXzflK6FBsSxKxnYL9KPs0QzWVsL4R4jjyQ5PdHBH9sqea37nZW27ine+hTF3qHlsA8WqsImZPvZyqYuERQF3/BdPYEG8wmc3cdPgEikBMFmspcwd/0NC9nS7yaJx7s3drtiU+EeDiHqURmgWUIOp2j5Sf7MpZyQLiOjsc24OQZISZJ1nMt+igFKV0+wNwx49pDaD63wL7lzMUdZmmmlh9EzXxtkkrWajYlM6UFDjv8qxxbC1Mk62K6NmfDUlv4jshjfcmYas5I4wMMSKvtheuLf/zf5UHOKLv2aff27l7FNTBA6TXD7w1Mu0zDqWZ7ZsEu2w/EjEzSXKH3BvSbJKsa8HNbRbwB4E7tFhW6vodD0XgnxiTcav8HNsi2jGoWhhEIlvYaMIruhYqW+aer79SkTpngk2JmaqjjU8LLUPISV/fp0XZplFtm0xmoM8KghDxMmrGoc4+0vZYIjjdSpPTdf5LZP6FAAKq2OTQ3Nx/vzl4zyn5VgYt5FGXVUQ0z8EMEcXxoVbwBtjdjm+ah9OmFlRC55y/K5Smzgrt8WyAkGGYHgpz/RQxKKLCLddi+CGecfqy0t8uzHCSSSGLmRLYxIF/4rNUac1Vz9E4N6TkjvJ+f+1mKKQ4CqNuXJr8WrDv17dn+SM0scKLySziab8Ppt8l/SOhiuTSVrYyUeCAR9KjNO9iqsOkeM4ljYtJQhUJ0oRSdbZ2CeJCxcArOEZix2m8izFHJigV0tQb5hgkaEXcUd+QvaFss4YXlzvzQAT+fTYWZaF+/K6J96MrQPfk+P+zA6qLeuCcIrAx4xAqjLJpnn0zpJZmhlsPJjmuEeP6kkIzkTs9uj2hx46juMotx90XibQk9pWwzqbD3mzpWt8gp7v3i9TMZ6bVn8hJX+iQCgVSExdjnaOfKs0cLgWfgkQ5kj25y1dy9AZkm/R2cL6GDmsX3JXpDsyKsDDDC0+jMm8/CrP2pI/dskjFsh6I9urzSgD/pP8caJNFYPdE2Ns8wORMl+U/+ZQIjZAecVGZw4v5/EJM16XAo8k2MKnLlBNMzO8lHsK+dcDJ1lmmCQI5StXibLnvNqdmBACYeSaF7SgSM5XAaqSxGpdalEkpMZFyMknHEATsQfEl/Oq+47GdUYe8UCJgJIZiFr031TRHQA+LnQgCDz8UVy3zROEaZnJfM6QDwN5Vouekocyo/Or/ZEBfM4znI8YALuk15g7g3SML28cAp/n5gtIVB4HuF5GVuznwjcI+4OH98uDWAG4eswYmT2PmQtPdXUzb0X3K3+n/Of2tBR8oyGX+YSVP/5+HzGmMqDDIuNo677oJJ1B3sRqc7PNWiP1jQXy4I2CP3Cuy7VsdQ+sZkuWZj0ZA+z62Ueaj8YU1UAI4/IRcfcqnw/urDKFjTha39qB9b9b2D00KOw6i3aHuG8e4FoJw2NSPZfB1R6dEMRIM2a4htMxY1J5qkj5+K2rWrp1Db8ldQkpj/xhwRTaZj2cekdOxbYYlsB33uNMh5rWgROCxklGHN0TJzsctqsJrlnO7jB8R2g9mxh1patA0oysHJAzG0CGBdVeKDm8VwAnxqvIHvLTKDhrUjvFl9MLSnHRuuqb24MsCAeX6SH8z9EJF9S9NygFxe1qqCwGOCnoReVgRmcPy6w96cKwUrIOncW/lm4clydB+KgSTU1HXqTRSMASyNdrC2AhuXHP6pfTLSAqANQOatXbuaT0P1/HnqaqVeBwLGZ/nsWy9JFC1pW/nIJilsI2dtl74//LH/IXkNoLXTwEYoo8/+xmMgfx1OOAIQI4+tdMh6YmZdsm5cylEBi3YaGl+MQqvcw6Uh92CeFgSxTA5b4kMlAcsfB09jvIpbEIHfe2bC8SBpmhr3UBbPSbcY9MNye7GQDHhqt/heRiAQK/gMDnM9FI9zdO7WMmEVwPuXXL0SXjBv1wXOzOsGz/HhEwIPtheOgZ0i6Vl1tlefCrBN3Sxvn8XX9b82KjnacAXILReU9DjZlshz9fqXsdfI58f4J4MQ3XGd57VwqivhEGDhTaRudhPPFjTSFLcljPI+VJ1aAy+Rv53cKC2+Yw8kL9Qhy+xz7wkbOLNSRgjqFoiWoF0Uv+VeFozxhWet9GMIcxiamSvX1LJo0SV+AD/EBnkNAQD7oZjUXnKXwTD0Y36mnoYX2Ji0f7d8n3VNYTBWIT+y78b8DxqwNKzt77VRhnvs9pGbBmap2VMPW9X9eO/o7Iupbrzhx/2MQT+w1sRoBtwYvcZORQPdSnJOnkXSrbfwOrlDMO9wQTYkZ2fsGv3xZd9pBJ1BKNCF90fnnRhQRQ5AuSFwrf4xLjNjVyi6R7fq5uql9sHx6ThxcLft6t3AcSa+G7piRgs514QDm0lwDyS9d/Y911cxLl4XrRJZieDzOjGFq80/PgIyn3WVI4XjiU60zGotXi4HLH/UHVpr7ZeJLs7kuBaED1lyJ9o4OHz+3J2+CUMdUN3ZuO7cM8iJwzBtc5O4HqDUYlduI7aJ7UQyU3xiXKL+BHnQszOGy2EQ1bZ9nIU1IKEPm9bT1WcXHvPSYftiwR/KYCKVLok940JGaIdEhxczZEyy6QspULXUkFdFy18tesd1C1SqKYhZrvwPqeLZG7IM49alixLPbNQS9EhOr2lFiScO5K8bBjJnk7hUyVkUd7KLgvll0zvCchtxi1UIe8uNY46mW2WuqUhS6pqxj4wtIhWdWV36M9mD6pGHcxwnfiUmguQ/CHbOvUN6tRvBGXHSNYuySKQm9UbMLhHyD4dqW4O8P5UzzYk6rNU3NmdvQbzUDi05bM2acUr0tk3WcC4h0OiLIfF4u0Qk9Maha5bBxAKvgG82LPtDdwrKXzlzM44DN2a5UB71oCg/IzCJtl4LglsAkY3P93I3ld3EWbUni6IU09bZzxC8b4CDs18FRH9pdpRFrgGLVEzg73s0mOZCN8OQj3vXChjoaLx4fN3MLjGSY+EBHECTi0IwtbkVzO5KpJv8w/GiNNSMQFuGw4oI2gjvXERG1LA3abz3p4gCkS7VsFcEelmN9xhw4U6kem30Z0HSx/z+o0+73r2ZgRvft3qAHJLTITqIIXb0bTjAuGnSAcKa6VGlg7u+5qCyhPyo9HYm4kptgDJl85k33yVL1OotLtJouB2PCv2i3Wdj6R6J6RJDyglHvQ+AlUWkH7xSmXoQeLw40TZSY5NJ3kC0l5OjPLWIZTKQvUwL55wk3fkcYeCo2q7Q+Va4A5zfX1/9V3qMUduj8O6wDGZd86sNZFheJmrKBmORLpzxLL745fJUw69LnBNUDfmK5thLwuW9S9ytQOEcGgSmUuoQmXiYC6sf+EqA4kqNh29nvJPzhUdYIwMZFYWM6davITFPyb4GocrOm+ZsMarx9vMGQIFc6xTTdBA1RPtMeERyFiatWwsbme3E1AFG6RDA/fE5hkHEACeplKhyeskMhI25+dP9UB/82vmxlPz8E8tVy8pahsglvuXtfU+Aw2n9yWyazu/he19rz0DAD/4SKNAA3FWJ5OYse/LLKGWoeS8Xh0+zgv86isa8GFdOkLvOQyQtHrQllSgLym/fzCE5f9cqVV8wd5hvxyXMtzh7L2/1hIk1fJvwJcWJMzOVbiN/hV76htnLP+H52mSGE2R+ZcDGvQ025PBOxsVhEs4au8eOXcwRFUMfMCZYDyPbGdi1ZhaVRL0bfrLCVuj/6o7b6HgB/V7Md3p0tv1naWVJ4Oh9pKE21j1EWod2GPqSLtNCIWsOvGaG9ltvgZYOjlx71KZyTS5zgrJcMmyxka9c1aIEH1F0gGodXgO2cVdHhDw07K6S83Hjabobh5stj0iS5ffnuaKiE7C+ChcxyQQW2cg5r0T72Q9qYwvkzqq/XzLA7V1uqC+yi1EEO+J0GR2VxWAj5G84WlqWQ9A0P9h22jMgybPSz1wB7p0a/PdpsVzEMcA7/rwxYL2OikroZDVTpXEEf+b4t8zz+WHIBcdQZP6lfy6FJqLd0q1mtAS5jGC9DAXFeqtD0FvlmbxC+4qc7mqo96eh5JcgYmLTLog4Scz2PcPKsp3DIe+pyClxTQ32LHXJjzfYbiQLRzuyDpxwGtLfP4vAYHFSORPiguBLDl7UKxcxVrbZdIV7nNtdEII3fFvWBzXe/f984cJAcuy8pcPi0raNKSrH7IWRg8qwWe4Y6UuBGrfgP86yRmyPMq2cttEMkxdzatWuSnYZ/YDHK+TPNRKCWL+2G8Iuqt3qQNmdJoB2wlve7naUfwmxptQ+zzNNBOhGfoHn2+tJ3swoE+CHQGUAwKTzWMadheVLsNaJsj2WomuC6qzyviDPX7Yh4aq0gSA8KlQ5VYqwXSip4pPujzlQHtUHHcurl960vRhHnKRdyfNSg9ALz5RsuZn11C1bZJUXa8k7srtFprO2KMuZHzf1BxHTubKYM1bGG8iKcI3KsHzs3p3925PBG52HZ9FBw1YQQJOcavop7r8DZwlfKfMjBRsLIDyc6ux/OLgC/TWDGxAI11nP5pxYE3wgHrgkivOdsHof756SnXLZUnD9tz5qqrUvr0VecylwbbD+aqRgmE664lyT3Bn889yxp3KRg9+HxELFBIwESo0UTCKOSQvMNlaT2p5SW7dm6xZHhHJNsWGUTt9VGkKW1bz0vV81YgRr65RAx4eBM4Y0GPBGhc2ofuq3iCyHTtC25y527z7Zioy7An/9UoUMSdcgbBCq20ifjbpCVBxxOk3fYhjyR3McJyDjCW1uQk9nsw==</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData><xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="id-xVi8bYT9Ug68Z5-BN-a3ulPD48Q-"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><xenc:CipherData><xenc:CipherValue>ocbJjJbRRclm+QZSZcZVTkgdtxq2pBWleTYLN/T4jEKoU8BQa9BORHfUfCkc5YMAWiw2HmblbNtgkNqaUJzMU5ZMB5WGBiXozhiEJcJy4c9pyHiqqTZ76/WqivN+rD7yz4ErUX0bdwo9it0wZdFV4Q1ShF5W5cDKYYw4iZynRWMakajMuGakkFOfIGMbgf+He1SpamVD9lSv6AHlYsmsHhGAdnuCnNsjnvMa3dD/2I94RWMH8PCPhaaXo8XfWww5b13gSQMBEH4PQcWbQRPqmyaylj4x+T3FlTfDuLlRTblj7HcB/EeFGnZ7xR5AEusNSxZTQMCT7EN8KRct+6Ogyg==</xenc:CipherValue></xenc:CipherData><xenc:ReferenceList><xenc:DataReference URI="#id-B37tuPsdSJjCvvgXFbccwpW2NtU-"/></xenc:ReferenceList></xenc:EncryptedKey></saml:EncryptedAssertion></samlp:Response>
************************* End SAML2 message ****************************

</amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: NIDPLocalConfigUtil.isOptionConfigured
Thread: http-nio-192.168.1.116-8443-exec-2
Property read from local file --------> Property:XML_PARSE_ALLOW_DTD Value: false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: XMLSignable.logEncryptInfo
Thread: http-nio-192.168.1.116-8443-exec-2
Encrypted element [[urn:oasis:names:tc:SAML:2.0:assertion-saml-EncryptedAssertion]s (1)] was decrypted using encryption cert [CN=FEDERATION.PPE, OU=Applications, OU=ehlUsers, OU=Subscribers, DC=subscribers, DC=ssh] having serial no [1472264926] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS SAML2:
Method: SAML2Profile.A
Thread: http-nio-192.168.1.116-8443-exec-2
Processing artifact for pre-brokering, provider= https://fed.ehl.com/fed/idp and relayState = MA== </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS SAML2:
Method: SAML2Profile.A
Thread: http-nio-192.168.1.116-8443-exec-2
Relaystate does not have Intersite Transfer request.. no brokering policy enforcement is needed </amLogEntry>

Feb 23, 2018 7:12:08 AM org.apache.xml.security.signature.Reference verify
INFO: Verification successful for URI "#id-rebLniAVKxzhnM-oOW4Tgc3dxRI-"
Feb 23, 2018 7:12:08 AM org.apache.xml.security.encryption.XMLCipher loadEncryptedData
SEVERE: XMLCipher unexpectedly not in DECRYPT_MODE...
<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS SAML2:
Method: SAML2AuthnContext.parse
Thread: http-nio-192.168.1.116-8443-exec-2
expiration: 0 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS SAML2:
Method: SAML2AuthnContext.parse
Thread: http-nio-192.168.1.116-8443-exec-2
AssuranceLevel: urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: XMLSignable.logEncryptInfo
Thread: http-nio-192.168.1.116-8443-exec-2
Encrypted element [[urn:oasis:names:tc:SAML:2.0:assertion-saml-AttributeStatement]] was decrypted using encryption cert [CN=FEDERATION.PPE, OU=Applications, OU=ehlUsers, OU=Subscribers, DC=subscribers, DC=ssh] having serial no [1472264926] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: XMLSignable.logEncryptInfo
Thread: http-nio-192.168.1.116-8443-exec-2
Encrypted element [[urn:oasis:names:tc:SAML:2.0:assertion-saml-Subject]] was decrypted using encryption cert [CN=FEDERATION.PPE, OU=Applications, OU=ehlUsers, OU=Subscribers, DC=subscribers, DC=ssh] having serial no [1472264926] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: SAML2Utils.isSaml2AvoidSignAndValidateAssertion
Thread: http-nio-192.168.1.116-8443-exec-2
Property read from edirectory configuration store --------> Property:SAML2_AVOID_SIGN_AND_VALIDATE_ASSERTION_TRUSTEDPROVIDERS Value: false Trusted Provider: https://fed.ehl.com/fed/idp </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: SAML2Utils.isSaml2AvoidSignAndValidateAssertion
Thread: http-nio-192.168.1.116-8443-exec-2
Property read from edirectory configuration store --------> Property:SAML2_AVOID_SIGN_AND_VALIDATE_ASSERTION_TRUSTEDPROVIDERS Value: false Trusted Provider: https://fed.ehl.com/fed/idp </amLogEntry>

Feb 23, 2018 7:12:08 AM org.apache.xml.security.signature.Reference verify
INFO: Verification successful for URI "#id-vVlflN7WigX4F9SdSNY2g75oPU4-"
<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS SAML2:
Method: SAML2Utils.getOptionValue
Thread: http-nio-192.168.1.116-8443-exec-2
SAML2_CHANGE_ISSUER is not configured as service provider's ui option </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: IDPAuthenticationHandler.handleAuthentication
Thread: http-nio-192.168.1.116-8443-exec-2
Was authnResponse verified: Yes </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z VERBOSE NIDS Application: IDP response validated successfully, now attempting to authenticate </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS SAML2:
Method: SAML2Utils.getOptionValue
Thread: http-nio-192.168.1.116-8443-exec-2
SAML2_CHANGE_ISSUER is not configured as service provider's ui option </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: NIDPLocalConfigUtil.isOptionConfigured
Thread: http-nio-192.168.1.116-8443-exec-2
Property read from local file --------> Property:SAML2_ISSUER_NAMEQUALIFIER Value: false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: NIDPLocalConfigUtil.isOptionConfigured
Thread: http-nio-192.168.1.116-8443-exec-2
Property read from local file --------> Property:SAML2_ISSUER_FORMAT Value: false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS SAML2:
Method: SAML2Utils.isOptionConfigured
Thread: http-nio-192.168.1.116-8443-exec-2
SAML2_SIGN_METHODDIGEST_SHA256 is not configured as service provider's ui option </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: NIDPLocalConfigUtil.getSaml2TPValueBoolean
Thread: http-nio-192.168.1.116-8443-exec-2
[nidpconfig.properties] Options - https://fed.ehl.com/fed/idp->SAML2_SIGN_METHODDIGEST_SHA256 value returned: false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: XMLSignable.preSigning
Thread: http-nio-192.168.1.116-8443-exec-2
Atempting to sign XMLSignable object: Name: AttributeQuery </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: XMLSignable.A
Thread: http-nio-192.168.1.116-8443-exec-2
Signing will use certificate [CN=FEDERATION.PPE, OU=Applications, OU=ehlUsers, OU=Subscribers, DC=subscribers, DC=ssh] having serial no [1472264926] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS SAML2:
Method: NIDPLocalConfigUtil.isSaml2KeyEnabled
Thread: http-nio-192.168.1.116-8443-exec-2
'SAML2_SIGN_METHODDIGEST_SHA256' doesn't map to an existing object [nidpconfig.properties]. SAML2 request -error parsing SAML2 property SAML2_SIGN_METHODDIGEST_SHA256 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: XMLSignable.postSigning
Thread: http-nio-192.168.1.116-8443-exec-2
Signature completed for object! Name: AttributeQuery </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: NIDPLocalConfigUtil.getSaml2TPValueBoolean
Thread: http-nio-192.168.1.116-8443-exec-2
[nidpconfig.properties] Options - ->SAML2_RESPONSE_AVOID_REMOVE_EXTRANEOUS_NAMESPACES value returned: false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z VERBOSE NIDS Application: Session has consumed authentications: false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z VERBOSE NIDS Application: Authenticate by identity false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z VERBOSE NIDS Application: Session has consumed authentications: false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: LDAPAuthority.B
Thread: http-nio-192.168.1.116-8443-exec-2
Get IDentity DN nidsIdentityName=655ABAFF768423DEE05400144FFB5FB6%40testfed.on.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: LDAPAuthority.getPrincipalByIdentityName
Thread: http-nio-192.168.1.116-8443-exec-2
Searching for Identity using dn nidsIdentityName=655ABAFF768423DEE05400144FFB5FB6%40testfed.on.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Base context: cn=STIDP8e7gxd,cn=SMSPxyct9r,cn=SCCjfas74,cn=cluster,cn=nids,ou=accessManagerContainer,o=novell, Filter: nidsIdentityName=655ABAFF768423DEE05400144FFB5FB6%40testfed.on.ca, Scope: 1, Request Controls: null, UserId: ou=nidsUser,ou=UsersContainer,ou=Partition,ou=PartitionsContainer,ou=VCDN_Root,ou=accessManagerContainer,o=novell </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Closing LDAP connection due to connection timeout! Interval: 2475016, Timeout: 10000, Connection: Id: 993b068b-9417-41b0-b480-03c49998154e, host: ldaps://192.168.1.111 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Connection: 4e48f622-1779-42c2-8ede-222dc4213fff, Environment Parameters for InitialDirContext() method call:
Key: java.naming.factory.initial, Value: com.sun.jndi.ldap.LdapCtxFactory
Key: java.naming.provider.url, Value: ldaps://192.168.1.111:636
Key: com.sun.jndi.ldap.connect.timeout, Value: 0
Key: java.naming.security.principal, Value: ou=nidsUser,ou=UsersContainer,ou=Partition,ou=PartitionsContainer,ou=VCDN_Root,ou=accessManagerContainer,o=novell
Key: java.naming.security.authentication, Value: simple
Key: java.naming.security.credentials, Value: *****
Key: java.naming.security.protocol, Value: ssl
Key: java.naming.ldap.factory.socket, Value: com.novell.nidp.common.util.net.client.NIDP_SSLSocketFactory
</amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Added property to DirContext Environment: Property Name: java.naming.ldap.attributes.binary, Value: GUID nDSPKITrustedRootCertificate </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Try connection: ldaps://192.168.1.111 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Found 1 results! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z VERBOSE NIDS Application: Performing LDAP search (&(GUID=\a9\34\fe\9d\39\ad\ce\41\26\af\a9\34\fe\9d\39\ad)(objectClass=User)) in context com.novell.nam.common.ldap.jndi.JNDIUserStoreSearchContext@5b93ebd1 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Base context: ou=users,o=data, Filter: (&(GUID=\a9\34\fe\9d\39\ad\ce\41\26\af\a9\34\fe\9d\39\ad)(objectClass=User)), Scope: 2, Request Controls: null, UserId: jdzwccuhhhc3n </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Closing LDAP connection due to connection timeout! Interval: 61843, Timeout: 10000, Connection: Id: 8890656f-3649-4026-951a-65fc0827dc4a, host: ldaps://iamidm04.staging.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Connection: fe17af8b-f902-46da-8d8b-0cb7db58dcb1, Environment Parameters for InitialDirContext() method call:
Key: java.naming.factory.initial, Value: com.sun.jndi.ldap.LdapCtxFactory
Key: java.naming.provider.url, Value: ldaps://iamidm04.staging.ca:636
Key: com.sun.jndi.ldap.connect.timeout, Value: 0
Key: java.naming.security.principal, Value: cn=admin,ou=sa,o=system
Key: java.naming.security.authentication, Value: simple
Key: java.naming.security.credentials, Value: *****
Key: java.naming.security.protocol, Value: ssl
Key: java.naming.ldap.factory.socket, Value: com.novell.nidp.common.util.net.client.NIDP_SSLSocketFactory
</amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Added property to DirContext Environment: Property Name: java.naming.ldap.attributes.binary, Value: GUID nDSPKITrustedRootCertificate </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Try connection: ldaps://iamidm04.staging.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Found 0 results! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z VERBOSE NIDS Application: Performing LDAP search (&(GUID=\a9\34\fe\9d\39\ad\ce\41\26\af\a9\34\fe\9d\39\ad)(objectClass=User)) in context com.novell.nam.common.ldap.jndi.JNDIUserStoreSearchContext@409d71fd </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Base context: ou=groups,o=data, Filter: (&(GUID=\a9\34\fe\9d\39\ad\ce\41\26\af\a9\34\fe\9d\39\ad)(objectClass=User)), Scope: 2, Request Controls: null, UserId: jdzwccwlgoq3o </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Closing LDAP connection due to connection timeout! Interval: 61915, Timeout: 10000, Connection: Id: 472fa9b7-31fa-47c1-bd48-f8c66647ed72, host: ldaps://iamidm03.staging.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Connection: b495be38-d79b-4c64-aec7-85f9a82baa42, Environment Parameters for InitialDirContext() method call:
Key: java.naming.factory.initial, Value: com.sun.jndi.ldap.LdapCtxFactory
Key: java.naming.provider.url, Value: ldaps://iamidm03.staging.ca:636
Key: com.sun.jndi.ldap.connect.timeout, Value: 0
Key: java.naming.security.principal, Value: cn=admin,ou=sa,o=system
Key: java.naming.security.authentication, Value: simple
Key: java.naming.security.credentials, Value: *****
Key: java.naming.security.protocol, Value: ssl
Key: java.naming.ldap.factory.socket, Value: com.novell.nidp.common.util.net.client.NIDP_SSLSocketFactory
</amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Added property to DirContext Environment: Property Name: java.naming.ldap.attributes.binary, Value: GUID nDSPKITrustedRootCertificate </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Try connection: ldaps://iamidm03.staging.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Found 0 results! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z VERBOSE NIDS Application: LDAP search objects found: 0 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z VERBOSE NIDS Application: Federation not found </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS WSP:
Method: UserSearch.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Root Search Expression: (NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22TESTPrincipalFedKey~22~5D"655ABAFF768423DEE05400144FFB5FB6@testfed.on.ca") </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS WSP:
Method: UserSearch.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Processing Expression: NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22TESTPrincipalFedKey~22~5D </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS WSP:
Method: UserSearch.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Added SearchType: Ldap! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS WSP:
Method: WSFXPath.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Creating a WSFXPath in model: LDAP Attribute Profile for XPath: /UserAttribute[@ldap:targetAttribute="TESTPrincipalFedKey"] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS WSP:
Method: WSFXPath.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Creating a WSFXPath in model: LDAP Attribute Profile for XPath: /UserAttribute[@ldap:targetAttribute="TESTPrincipalFedKey"] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS WSP:
Method: LdapSearcher.search
Thread: http-nio-192.168.1.116-8443-exec-2
Ldap attribute search involving 1 expressions! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS WSP:
Method: WSFXPath.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Creating a WSFXPath in model: LDAP Attribute Profile for XPath: /UserAttribute[@ldap:targetAttribute="TESTPrincipalFedKey"] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS WSP:
Method: LdapSearcher.search
Thread: http-nio-192.168.1.116-8443-exec-2
Searching on User Store: cn=US7i0v87,cn=Abepq29,cn=SCCjfas74,cn=cluster,cn=nids,ou=accessManagerContainer,o=novell. Ldap Search Filter: (&(&(TESTPrincipalFedKey=655ABAFF768423DEE05400144FFB5FB6@testfed.on.ca))(objectClass=User)) </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Base context: ou=users,o=data, Filter: (&(&(TESTPrincipalFedKey=655ABAFF768423DEE05400144FFB5FB6@testfed.on.ca))(objectClass=User)), Scope: 2, Request Controls: null, UserId: cn=admin,ou=sa,o=system </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2018-02-23T12:12:08Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Try connection: ldaps://iamidm03.staging.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Found 0 results! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Base context: ou=groups,o=data, Filter: (&(&(TESTPrincipalFedKey=655ABAFF768423DEE05400144FFB5FB6@testfed.on.ca))(objectClass=User)), Scope: 2, Request Controls: null, UserId: cn=admin,ou=sa,o=system </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Try connection: ldaps://iamidm04.staging.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Found 0 results! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: LdapSearcher.search
Thread: http-nio-192.168.1.116-8443-exec-2
Resulting Hit Set:
Markup: Name: MarkupSearchResult
user store: cn=US7i0v87,cn=Abepq29,cn=SCCjfas74,cn=cluster,cn=nids,ou=accessManagerContainer,o=novell
hits: count: 0
</amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFXPath.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Creating a WSFXPath in model: LDAP Attribute Profile for XPath: /UserAttribute[@ldap:targetAttribute="TESTPrincipalFedKey"] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: ExpressionEvaluator.A
Thread: http-nio-192.168.1.116-8443-exec-2
Result set obtained from Expression: NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22TESTPrincipalFedKey~22~5D </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: ExpressionEvaluator.A
Thread: http-nio-192.168.1.116-8443-exec-2
Operator is CNF and an EMPTY result set exists. Return empty result set as final Expression result! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: ExpressionEvaluator.evaluateSearchResults
Thread: http-nio-192.168.1.116-8443-exec-2
Added Evaluation to Expression: (NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22TESTPrincipalFedKey~22~5D"655ABAFF768423DEE05400144FFB5FB6@testfed.on.ca")
Markup: Name: MarkupEvaluationResult
hits: count: 0
</amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: UserSearch.search
Thread: http-nio-192.168.1.116-8443-exec-2
Removing 0 hits because they are on User Stores that are disallowed! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: UserSearch.search
Thread: http-nio-192.168.1.116-8443-exec-2
The search resulted in ZERO HITS because the Evaluation had zero hits! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z INFO NIDS IDFF: AM#500106007: AMDEVICEID#8DBCA17FA42045C0: Could not uniquely identify a user account using the following lookup expression: (NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22TESTPrincipalFedKey~22~5D"655ABAFF768423DEE05400144FFB5FB6@testfed.on.ca") </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFModelEntry.getSchemaClassInstance
Thread: http-nio-192.168.1.116-8443-exec-2
Cannot create schema class instance because model entry represents a container: LDAP attributes of my authenticated user object </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFXPath.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Creating a WSFXPath in model: LDAP Attribute Profile for XPath: /UserAttribute[@ldap:targetAttribute="givenName"] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFModelEntry.getSchemaClassInstance
Thread: http-nio-192.168.1.116-8443-exec-2
Cannot create schema class instance because model entry represents a container: LDAP attributes of my authenticated user object </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFXPath.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Creating a WSFXPath in model: LDAP Attribute Profile for XPath: /UserAttribute[@ldap:targetAttribute="sn"] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFModelEntry.getSchemaClassInstance
Thread: http-nio-192.168.1.116-8443-exec-2
Cannot create schema class instance because model entry represents a container: LDAP attributes of my authenticated user object </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFXPath.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Creating a WSFXPath in model: LDAP Attribute Profile for XPath: /UserAttribute[@ldap:targetAttribute="TESTPrincipalFedKey"] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFModelEntry.getSchemaClassInstance
Thread: http-nio-192.168.1.116-8443-exec-2
Cannot create schema class instance because model entry represents a container: LDAP attributes of my authenticated user object </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFXPath.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Creating a WSFXPath in model: LDAP Attribute Profile for XPath: /UserAttribute[@ldap:targetAttribute="OneIDIdentifier"] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFModelEntry.getSchemaClassInstance
Thread: http-nio-192.168.1.116-8443-exec-2
Cannot create schema class instance because model entry represents a container: LDAP attributes of my authenticated user object </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFXPath.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Creating a WSFXPath in model: LDAP Attribute Profile for XPath: /UserAttribute[@ldap:targetAttribute="AssuranceLevel"] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: ProvisionProfile.setModifyAttrs
Thread: http-nio-192.168.1.116-8443-exec-2
Provisioning Attribute "NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22OBO~22~5D" had no value. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFModelEntry.getSchemaClassInstance
Thread: http-nio-192.168.1.116-8443-exec-2
Cannot create schema class instance because model entry represents a container: LDAP attributes of my authenticated user object </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFXPath.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Creating a WSFXPath in model: LDAP Attribute Profile for XPath: /UserAttribute[@ldap:targetAttribute="RID"] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFModelEntry.getSchemaClassInstance
Thread: http-nio-192.168.1.116-8443-exec-2
Cannot create schema class instance because model entry represents a container: LDAP attributes of my authenticated user object </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFXPath.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Creating a WSFXPath in model: LDAP Attribute Profile for XPath: /UserAttribute[@ldap:targetAttribute="UAO"] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFModelEntry.getSchemaClassInstance
Thread: http-nio-192.168.1.116-8443-exec-2
Cannot create schema class instance because model entry represents a container: LDAP attributes of my authenticated user object </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFXPath.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Creating a WSFXPath in model: LDAP Attribute Profile for XPath: /UserAttribute[@ldap:targetAttribute="ServiceEntitlements"] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: ProvisionProfile.setModifyAttrs
Thread: http-nio-192.168.1.116-8443-exec-2
Provisioning Attribute "NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22ProvisioningStatus~22~5D" had no value. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFModelEntry.getSchemaClassInstance
Thread: http-nio-192.168.1.116-8443-exec-2
Cannot create schema class instance because model entry represents a container: LDAP attributes of my authenticated user object </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFXPath.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Creating a WSFXPath in model: LDAP Attribute Profile for XPath: /UserAttribute[@ldap:targetAttribute="CommunicationEmail"] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: ProvisionProfile.setModifyAttrs
Thread: http-nio-192.168.1.116-8443-exec-2
Provisioning Attribute "NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22Fax+Ext~22~5D" had no value. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: ProvisionProfile.setModifyAttrs
Thread: http-nio-192.168.1.116-8443-exec-2
Provisioning Attribute "NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22User+Billing+Number~22~5D" had no value. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: ProvisionProfile.setModifyAttrs
Thread: http-nio-192.168.1.116-8443-exec-2
Provisioning Attribute "NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22LHIN~22~5D" had no value. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: ProvisionProfile.setModifyAttrs
Thread: http-nio-192.168.1.116-8443-exec-2
Provisioning Attribute "NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22ProfessionalRegistry~22~5D" had no value. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: ProvisionProfile.setModifyAttrs
Thread: http-nio-192.168.1.116-8443-exec-2
Provisioning Attribute "NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22ProfessionalRegistryID~22~5D" had no value. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: ProvisionProfile.setModifyAttrs
Thread: http-nio-192.168.1.116-8443-exec-2
Provisioning Attribute "NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22Postal+Code~22~5D" had no value. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: ProvisionProfile.setModifyAttrs
Thread: http-nio-192.168.1.116-8443-exec-2
Provisioning Attribute "NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22co~22~5D" had no value. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: ProvisionProfile.setModifyAttrs
Thread: http-nio-192.168.1.116-8443-exec-2
Provisioning Attribute "NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22city~22~5D" had no value. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFModelEntry.getSchemaClassInstance
Thread: http-nio-192.168.1.116-8443-exec-2
Cannot create schema class instance because model entry represents a container: LDAP attributes of my authenticated user object </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFXPath.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Creating a WSFXPath in model: LDAP Attribute Profile for XPath: /UserAttribute[@ldap:targetAttribute="displayName"] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: ProvisionProfile.setModifyAttrs
Thread: http-nio-192.168.1.116-8443-exec-2
Provisioning Attribute "NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22initials~22~5D" had no value. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: ProvisionProfile.setModifyAttrs
Thread: http-nio-192.168.1.116-8443-exec-2
Provisioning Attribute "NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22mobile~22~5D" had no value. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: ProvisionProfile.setModifyAttrs
Thread: http-nio-192.168.1.116-8443-exec-2
Provisioning Attribute "NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22o~22~5D" had no value. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFModelEntry.getSchemaClassInstance
Thread: http-nio-192.168.1.116-8443-exec-2
Cannot create schema class instance because model entry represents a container: LDAP attributes of my authenticated user object </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFXPath.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Creating a WSFXPath in model: LDAP Attribute Profile for XPath: /UserAttribute[@ldap:targetAttribute="AssertingParty"] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFModelEntry.getSchemaClassInstance
Thread: http-nio-192.168.1.116-8443-exec-2
Cannot create schema class instance because model entry represents a container: LDAP attributes of my authenticated user object </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS WSP:
Method: WSFXPath.<init>
Thread: http-nio-192.168.1.116-8443-exec-2
Creating a WSFXPath in model: LDAP Attribute Profile for XPath: /UserAttribute[@ldap:targetAttribute="IdentityVerificationSchemeRef"] </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: ProvisionProfile.setModifyAttrs
Thread: http-nio-192.168.1.116-8443-exec-2
Provisioning Attribute "NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22homePostalAddress~22~5D" had no value. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: ProvisionProfile.setModifyAttrs
Thread: http-nio-192.168.1.116-8443-exec-2
Provisioning Attribute "NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22IntegratedSource~22~5D" had no value. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: ProvisionProfile.setModifyAttrs
Thread: http-nio-192.168.1.116-8443-exec-2
Provisioning Attribute "NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22mail~22~5D" had no value. </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: ProvisionProfile.doProvisioning
Thread: http-nio-192.168.1.116-8443-exec-2
Method Parameter loginScreen: false
Can Provision: true
Instance Variable: State:
SAML2ProvisionProfileState
State: Map
Has Attributes?: true
Federated?: false
SAML Map: cn=SAMe18yg0,cn=map
Attribute Array Size: 16
Modify Tokens Array Size: 12
Credentials Array Size: 0
Instance Variable: Policy:
SAML2IDPAccessPolicy
SSO Binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
SLO Binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
RNI Binding: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect
Display Name: fed.ehl.com
CRL Check Period Binding: 0
Validate Password on Match: false
Provision from Login: false
Force Unique User Name: true
Delete Provisioned Users: false
Identify User Account Action: Map User
Failed Mapping Action: Map User
User Name Creation Action: Auto Generate
Password Creation Action: Auto Generate
First Segment Length: -1
Second Segment Length: 15
First Segment: NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22sn~22~5D
Second Segment: NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22TESTPrincipalFedKey~22~5D
Junction: -
User Name Length: 50
User Store DN: cn=US7i0v87,cn=Abepq29,cn=SCCjfas74,cn=cluster,cn=nids,ou=accessManagerContainer,o=novell
User Store Account Creation Context: ou=users,o=data
Password Min Length: 8
Password Max Length: 15
Overwrite Real User: false
Overwrite Temporary User: false
Logout on Post Method Exec Error: true
Required Attributes Length: 4
Required Attributes: NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22givenName~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22sn~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22TESTPrincipalFedKey~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22OneIDIdentifier~22~5D
Optional Attributes Length: 24
Optional Attributes: NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22AssuranceLevel~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22OBO~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22RID~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22UAO~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22ServiceEntitlements~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22ProvisioningStatus~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22CommunicationEmail~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22Fax+Ext~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22User+Billing+Number~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22LHIN~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22ProfessionalRegistry~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22ProfessionalRegistryID~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22Postal+Code~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22co~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22city~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22displayName~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22initials~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22mobile~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22o~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22AssertingParty~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22IdentityVerificationSchemeRef~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22homePostalAddress~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22IntegratedSource~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22mail~22~5D
PreFetch Attributes Length: 13
PreFetch Attributes: NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22OneIDIdentifier~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22sn~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22givenName~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22AssuranceLevel~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22TESTPrincipalFedKey~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22IdentityVerificationSchemeRef~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22displayName~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22AssertingParty~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22UAO~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22RID~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22OBO~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22ServiceEntitlements~22~5D, NEPXurn~3Anovell~3Aldap~3A2006-02~2Fldap~3AUserAttribute~40~40~40~40WSCQLDAPToken~40~40~40~40~2FUserAttribute~5B~40ldap~3AtargetAttribute~3D~22CommunicationEmail~22~5D
SAML 1 Contract URI: /uri/anyauthentication
Encrypt Identifier: false
SAML1?: false
</amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: Performing LDAP search (&(cn=deer-655abaff768423d)(objectClass=User)) in context com.novell.nam.common.ldap.jndi.JNDIUserStoreSearchContext@5b93ebd1 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Base context: ou=users,o=data, Filter: (&(cn=deer-655abaff768423d)(objectClass=User)), Scope: 2, Request Controls: null, UserId: jdzwce22gpv4g </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Try connection: ldaps://iamidm04.staging.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Found 0 results! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: Performing LDAP search (&(cn=deer-655abaff768423d)(objectClass=User)) in context com.novell.nam.common.ldap.jndi.JNDIUserStoreSearchContext@409d71fd </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Base context: ou=groups,o=data, Filter: (&(cn=deer-655abaff768423d)(objectClass=User)), Scope: 2, Request Controls: null, UserId: jdzwce2594h4h </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Try connection: ldaps://iamidm03.staging.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Found 0 results! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: LDAP search objects found: 0 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: Performing LDAP search (&(cn=deer-655abaff768423d)(objectClass=User)) in context com.novell.nam.common.ldap.jndi.JNDIUserStoreSearchContext@5b93ebd1 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Base context: ou=users,o=data, Filter: (&(cn=deer-655abaff768423d)(objectClass=User)), Scope: 2, Request Controls: null, UserId: jdzwce6njmd4j </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Try connection: ldaps://iamidm03.staging.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Found 0 results! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: Performing LDAP search (&(cn=deer-655abaff768423d)(objectClass=User)) in context com.novell.nam.common.ldap.jndi.JNDIUserStoreSearchContext@409d71fd </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Base context: ou=groups,o=data, Filter: (&(cn=deer-655abaff768423d)(objectClass=User)), Scope: 2, Request Controls: null, UserId: jdzwce6rkx4k </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Try connection: ldaps://iamidm03.staging.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Found 0 results! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: LDAP search objects found: 0 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: Session has consumed authentications: false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: Authenticate by identity false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: Session has consumed authentications: false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: LDAPAuthority.B
Thread: http-nio-192.168.1.116-8443-exec-2
Get IDentity DN nidsIdentityName=655ABAFF768423DEE05400144FFB5FB6%40testfed.on.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: LDAPAuthority.getPrincipalByIdentityName
Thread: http-nio-192.168.1.116-8443-exec-2
Searching for Identity using dn nidsIdentityName=655ABAFF768423DEE05400144FFB5FB6%40testfed.on.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Base context: cn=STIDP8e7gxd,cn=SMSPxyct9r,cn=SCCjfas74,cn=cluster,cn=nids,ou=accessManagerContainer,o=novell, Filter: nidsIdentityName=655ABAFF768423DEE05400144FFB5FB6%40testfed.on.ca, Scope: 1, Request Controls: null, UserId: ou=nidsUser,ou=UsersContainer,ou=Partition,ou=PartitionsContainer,ou=VCDN_Root,ou=accessManagerContainer,o=novell </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Try connection: ldaps://192.168.1.111 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Found 1 results! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: Performing LDAP search (&(GUID=\a9\34\fe\9d\39\ad\ce\41\26\af\a9\34\fe\9d\39\ad)(objectClass=User)) in context com.novell.nam.common.ldap.jndi.JNDIUserStoreSearchContext@5b93ebd1 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Base context: ou=users,o=data, Filter: (&(GUID=\a9\34\fe\9d\39\ad\ce\41\26\af\a9\34\fe\9d\39\ad)(objectClass=User)), Scope: 2, Request Controls: null, UserId: jdzwce6yglm4l </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Try connection: ldaps://iamidm03.staging.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Found 0 results! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: Performing LDAP search (&(GUID=\a9\34\fe\9d\39\ad\ce\41\26\af\a9\34\fe\9d\39\ad)(objectClass=User)) in context com.novell.nam.common.ldap.jndi.JNDIUserStoreSearchContext@409d71fd </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Base context: ou=groups,o=data, Filter: (&(GUID=\a9\34\fe\9d\39\ad\ce\41\26\af\a9\34\fe\9d\39\ad)(objectClass=User)), Scope: 2, Request Controls: null, UserId: jdzwce71ptx4m </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Try connection: ldaps://iamidm03.staging.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Found 0 results! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: LDAP search objects found: 0 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: Federation not found </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: Session has consumed authentications: false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: Authenticate by identity false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: Session has consumed authentications: false </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: LDAPAuthority.B
Thread: http-nio-192.168.1.116-8443-exec-2
Get IDentity DN nidsIdentityName=655ABAFF768423DEE05400144FFB5FB6%40testfed.on.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: LDAPAuthority.getPrincipalByIdentityName
Thread: http-nio-192.168.1.116-8443-exec-2
Searching for Identity using dn nidsIdentityName=655ABAFF768423DEE05400144FFB5FB6%40testfed.on.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Base context: cn=STIDP8e7gxd,cn=SMSPxyct9r,cn=SCCjfas74,cn=cluster,cn=nids,ou=accessManagerContainer,o=novell, Filter: nidsIdentityName=655ABAFF768423DEE05400144FFB5FB6%40testfed.on.ca, Scope: 1, Request Controls: null, UserId: ou=nidsUser,ou=UsersContainer,ou=Partition,ou=PartitionsContainer,ou=VCDN_Root,ou=accessManagerContainer,o=novell </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Try connection: ldaps://192.168.1.111 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Found 1 results! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: Performing LDAP search (&(GUID=\a9\34\fe\9d\39\ad\ce\41\26\af\a9\34\fe\9d\39\ad)(objectClass=User)) in context com.novell.nam.common.ldap.jndi.JNDIUserStoreSearchContext@5b93ebd1 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Base context: ou=users,o=data, Filter: (&(GUID=\a9\34\fe\9d\39\ad\ce\41\26\af\a9\34\fe\9d\39\ad)(objectClass=User)), Scope: 2, Request Controls: null, UserId: jdzwce78pau4n </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Try connection: ldaps://iamidm03.staging.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Found 0 results! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: Performing LDAP search (&(GUID=\a9\34\fe\9d\39\ad\ce\41\26\af\a9\34\fe\9d\39\ad)(objectClass=User)) in context com.novell.nam.common.ldap.jndi.JNDIUserStoreSearchContext@409d71fd </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Base context: ou=groups,o=data, Filter: (&(GUID=\a9\34\fe\9d\39\ad\ce\41\26\af\a9\34\fe\9d\39\ad)(objectClass=User)), Scope: 2, Request Controls: null, UserId: jdzwce7bmd44o </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
getNextConnection() attempting to get preferred replica from the IPreferredReplica interface </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Try connection: ldaps://iamidm03.staging.ca </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: JNDILogEventListener.accept
Thread: http-nio-192.168.1.116-8443-exec-2
Found 0 results! </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: LDAP search objects found: 0 </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z VERBOSE NIDS Application: Federation not found </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS Application:
Method: IDPAuthenticationHandler.A
Thread: http-nio-192.168.1.116-8443-exec-2
accountIDState, authnRequest, and authnResponse all reset. Returning status: NOT_AUTHENTICATED </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z INFO NIDS Application: AM#500105039: AMDEVICEID#8DBCA17FA42045C0: AMAUTHID#04ebedcb74e0a7c0022db69966975cc12ca15eeaaa3025ecc47fae1b146e8907: Error on session id 04ebedcb74e0a7c0022db69966975cc12ca15eeaaa3025ecc47fae1b146e8907, error 300101041-8DBCA17FA42045C0, An Identity Provider response was received that failed to authenticate this session.:User account identification failed:null </amLogEntry>

<amLogEntry> 2018-02-23T12:12:10Z DEBUG NIDS IDFF:
Method: LibertySSOProfile.processAuthnRequest
Thread: http-nio-192.168.1.116-8443-exec-2
Process Liberty AuthnRequest </amLogEntry>
0 Likes
1 Reply
Knowledge Partner
Knowledge Partner

Re: IDP response was received that failed to authenticate

On 24-02-2018 12:04 AM, fartyalvikram wrote:
>
> I am using Access Manager 4.3.1.1.
> I have two eDir configured inside Access Manager User Stores, first one
> is iamidm03 and second is iamidm04 on Server replicas.
> Both eDir servers are eDir Replica Server.
> When I try to access my protected resource, after authenticated from
> SAML2 IDP which is configured with Access Manager, it gives the
> following error on browser
>
> Code:
> --------------------
> Error:An Identity Provider response was received that failed to authenticate this session. (300101041-8DBCA17FA42045C0)
> --------------------
>
> When I configured only one eDir inside User Store then it is working
> fine, but with two eDir it gives the above error.
> Access Manager IDP logs (/opt/novell/nam/idp/logs/catalina.out) are
> given below when they gives the error.
>


Going through your logs i can see when the assertion is received you try to do a match with a few attributes against your user store. This seems to be
failing. then it attempts to do a provisioning which is failing as well. NOt sure what your configuration is but what is expected? Should the user
match? You are trying to match on GUID and then another attribute called TESTPrincipalFedKey. My guess is that the GUID search will pretty much always
fail unless you shared your object GUID with the IDP. Is TESTPrincipalFedKey is a real attribute in your user store?

Base context: ou=users,o=data, Filter: (&(GUID=\a9\34\fe\9d\39\ad\ce\41\26\af\a9\34\fe\9d\39\ad)(objectClass=User)), Scope: 2, Request Controls: null,
UserId: jdzwccuhhhc3n </amLogEntry>

Base context: ou=users,o=data, Filter: (&(&(TESTPrincipalFedKey=655ABAFF768423DEE05400144FFB5FB6@testfed.on.ca))(objectClass=User)), Scope: 2, Request
Controls: null, UserId: cn=admin,ou=sa,o=system </amLogEntry>




--
Cheers,
Edward
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.