Posted on 10-24-2021 09:25 PM
Hi everyone,
Hope you can help. We have configured JAMF Pro Single Sign On with ADFS which was working well and last time it works was on Oct 6th. Around 2 weeks later when I logged on to JAMF the SSO is not working even though we haven't made any changes on the JAMF as well as ADFS end.
This is the error message we received "An error occurred while processing your Single Sign-On request. Contact your administrator for assistance."
On checking the log, this is what I found :
Response issue time is either too old or with date in the future, skew 60, time 2021-10-25T03:49:37.476Z
2021-10-25 03:51:09,704 [ERROR] [lina-exec-2] [henticationFailureHandler] - Error validating SAML message
org.springframework.security.authentication.AuthenticationServiceException: Error validating SAML message
Anyone knows what that means?
Thanks!
Posted on 10-25-2021 12:37 AM
I'd say it sounds like there's too big discrepancy in time between the 2 servers.
Could there be different time zones set which led to DST ending too soon on one?
Posted on 10-25-2021 06:44 PM
I've checked the time, the ADFS server has the correct time and the time setting on the JAMF cloud is on the correct time zone.
10-25-2021 04:02 AM - edited 10-26-2021 02:46 AM
Jamf Pro Log: authentication.AuthenticationServiceException (Spring Security). "Error validating SAML message". Signing certificate is invalid.
Posted on 10-25-2021 06:50 PM
Thanks. Our signing certificate actually is still valid and works with other Service Provider.