IBM Support

New MAS 9.0.0 multiple SAML identity provider feature not working when instance ID contains a hyphen.

Troubleshooting


Problem

In MAS 9.0.0, support for more than one SAML identity provided has been added. If a second SAML identity provider is configured and the MAS instance ID contains a hyphen, there is a chance that users may have issues trying to authenticate using SAML. This is an edge case scenario and it will not happen only by upgrading MAS to 9.0.0 because MAS 8.11 only supported a single SAML identity provider to be configured. The SAML authentication problem may only occur if these 2 conditions are met: a second SAML identity provided is configured and the MAS instance ID contains a hyphen.

Symptom

If you configure a second SAML identity provider in MAS 9.0.0 and the MAS instance ID contains an hyphen, then when trying to authenticate in MAS using SAML, the user may not be redirected to the selected SAML identity provider for authentication. Local and LDAP user authentication are not affected by this issue.

Cause

This problem can occur due to an oversight in cookie management.

Diagnosing The Problem

In MAS, if this rare combination where a second SAML authentication provider is configured in MAS 9.0.0 and the instance ID has an hyphen.

Resolving The Problem

It is important to notice that this problem is not easy to reproduce, because support for multiple SAML and LDAP identity providers has been introduced only in 9.0.0.
However, should this problem happen after adding a second SAML identity provider, it is possible to resolve the problem by removing this second SAML identity provider.

Document Location

Worldwide

[{"Type":"MASTER","Line of Business":{"code":"LOB59","label":"Sustainability Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSRHPA","label":"IBM Maximo Application Suite"},"ARM Category":[{"code":"a8m0z000000cwZDAAY","label":"Maximo Application Suite"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"9.0.0"}]

Document Information

Modified date:
20 June 2024

UID

ibm17158131

Page Feedback