Troubleshooting SAML Authentication

Tips for troubleshooting SAML authentication problems.

The Titania Delivery (TD) SAML authentication framework is designed to implement the preferred security recommendations available in the SAML protocol. A variety of SAML Identity Provider (IdP) applications are available. If your SAML IdP supports the recommended security features that TD uses, you can configure TD to use your SAML IdP.

Note: Each Titania Delivery customer is responsible for configuring their SAML provider with details of the Titania Delivery portal(s) that will use SAML authentication. The user interface techniques and terminology for configuring IdPs will be different for each IdP vendor, but the authentication protocols and messages used by your IdP and Titania Delivery are standardized in accordance with the SAML 2.0 specification.

SAML Tracer

SAML protocol tracers are available as plugins or add-ons for various browsers. One such tool is SAML Tracer for Mozilla Firefox. Oberon Technologies makes no representations or guarantees about the safety or suitability of this tool. Consult your enterprise IT security policies before installing or using any SAML tracer plugin.

A SAML tracer can display the details of the various SAML requests, responses, and redirects that occur during SAML authentication. This can help an experienced SAML administrator identify the possible causes of a SAML authentication problem.

Troubleshooting

  1. Review the configuration of the SAML security profile that is associated with the portal. Be aware that many security profiles with similar settings and names may have been defined on your system.
  2. Check the configuration of your IdP to verify that its settings agree with the settings in the SAML security profile and meet the requirements described in SAML Identity Provider SSO Configuration.
  3. Make sure all X.509 security certificates are up to date on your SAML IdP. Instructions for checking security certificates should be available in your IdP's administration guide.
  4. Do the certificate strings on Titania Delivery's SAML configuration form match the expected data configured (or auto-configured) on your SAML IdP? Some IdPs can be configured to auto-update if Titania’s “Service Provider Metadata” changes.
  5. Does the IdP’s X.509 certificate string match the SAML configuration on Titania Delivery?
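
The certificate comparison in steps 4 and 5 can be done by fingerprint rather than by eye, since line wrapping and PEM header lines make identical certificates look different as strings. The following is an added example, not Titania Delivery code: the function names, the `idp.example.test` entity ID and the sample values are constructed for illustration, and it does not check validity dates (step 3).

```python
import base64, hashlib, re
import xml.etree.ElementTree as ET

DS_NS = "http://www.w3.org/2000/09/xmldsig#"  # XML Signature namespace

def cert_der(cert_string):
    """Drop PEM armor and all whitespace, then decode the base64 body to DER."""
    body = re.sub(r"-----(BEGIN|END) CERTIFICATE-----", "", cert_string)
    return base64.b64decode(re.sub(r"\s+", "", body), validate=True)

def fingerprint(cert_string):
    """SHA-256 over the decoded bytes, so line wrapping cannot cause a mismatch."""
    return hashlib.sha256(cert_der(cert_string)).hexdigest()

def metadata_certs(metadata_xml):
    """Every ds:X509Certificate value in a metadata document from your own IdP."""
    root = ET.fromstring(metadata_xml)
    return [el.text or "" for el in root.iter("{%s}X509Certificate" % DS_NS)]

def matches_metadata(form_value, metadata_xml):
    """True if the pasted certificate equals any certificate in the metadata."""
    wanted = fingerprint(form_value)
    return any(fingerprint(c) == wanted for c in metadata_certs(metadata_xml))

def wrap(b64, width=32):
    return "\n".join(b64[i:i + width] for i in range(0, len(b64), width))

# Constructed sample data: placeholder bytes, not real X.509 certificates.
SAMPLE_A = base64.b64encode(b"constructed placeholder bytes A" * 3).decode()
SAMPLE_B = base64.b64encode(b"constructed placeholder bytes B" * 3).decode()
SAMPLE_METADATA = """<md:EntityDescriptor entityID="https://idp.example.test"
    xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
    xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <md:IDPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
      <ds:X509Certificate>
%s
      </ds:X509Certificate>
    </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
  </md:IDPSSODescriptor>
</md:EntityDescriptor>""" % wrap(SAMPLE_A)
SAMPLE_FORM_VALUE = ("-----BEGIN CERTIFICATE-----\n" + SAMPLE_A +
                     "\n-----END CERTIFICATE-----\n")

if __name__ == "__main__":
    print("metadata:", [fingerprint(c) for c in metadata_certs(SAMPLE_METADATA)])
    print("form:    ", fingerprint(SAMPLE_FORM_VALUE))
    print("match:   ", matches_metadata(SAMPLE_FORM_VALUE, SAMPLE_METADATA))
```

A metadata document can carry more than one certificate, for example during a key rollover, which is why the comparison accepts a match against any of them.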