NetScaler SAML IDP: Getting “Parsing of presented Assertion failed. Please contact your administrator”.


Article ID: CTX227514


Description

The browser displays the following error:

“Parsing of presented Assertion failed. Please contact your administrator”.


The newnslog shows the following events:
 

     17  462453            231          1        0 saml_assertion_parse_fail  Wed Aug 23 14:55:43 2017
     18       0            248          1        0 aaa_samlidp_tot_authnreq_fail  Wed Aug 23 14:55:43 2017
     19  777790            232          1        0 saml_assertion_parse_fail  Wed Aug 23 15:08:41 2017
     20       0            249          1        0 aaa_samlidp_tot_authnreq_fail  Wed Aug 23 15:08:41 2017

Resolution

This is a known issue. Refer to Issue IDs 691669 and 693361 in the release notes of 12.0 build 53.6: https://www.citrix.com/downloads/netscaler-adc/firmware/release-120-build-536.html

Solution: Upgrade the device to 12.0 build 53.6.

Workaround: Configure the SAML Service Provider to send signed authentication requests.

Problem Cause



When an unsigned authentication request (AuthnReq) is sent with NameIDPolicy, the SAML IDP fails to parse the incoming request.
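To confirm that a service provider's request matches this condition, the following added example (not Citrix code and not part of the original article) decodes a captured HTTP-Redirect SAMLRequest and reports whether it carries NameIDPolicy and whether it is signed. The host, path, request ID and signature value in the sample are constructed placeholders, and the check looks only at whether a signature is present, not whether it is valid.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import parse_qs, urlencode, urlsplit

SAMLP = "{urn:oasis:names:tc:SAML:2.0:protocol}"
DSIG = "{http://www.w3.org/2000/09/xmldsig#}"
MAX_XML = 64 * 1024  # cap on inflated size; requests are normally a few KB

def inspect_authn_request(url):
    """Report the two properties from Problem Cause: NameIDPolicy present, request unsigned."""
    query = parse_qs(urlsplit(url).query)
    if "SAMLRequest" not in query:
        raise ValueError("no SAMLRequest parameter in URL")
    deflated = base64.b64decode(query["SAMLRequest"][0], validate=True)
    inflater = zlib.decompressobj(-15)  # redirect binding uses raw DEFLATE
    doc = inflater.decompress(deflated, MAX_XML)
    if inflater.unconsumed_tail:
        raise ValueError("inflated request exceeds size cap")
    if b"<!DOCTYPE" in doc or b"<!ENTITY" in doc:
        raise ValueError("DTD in SAML message; refusing to parse")
    root = ET.fromstring(doc)
    if root.tag != SAMLP + "AuthnRequest":
        raise ValueError("not an AuthnRequest: " + root.tag)
    has_policy = root.find(SAMLP + "NameIDPolicy") is not None
    # Redirect binding signs via query parameters; POST binding embeds ds:Signature.
    signed = ("Signature" in query and "SigAlg" in query) or (
        root.find(DSIG + "Signature") is not None)
    return {"name_id_policy": has_policy, "signed": signed,
            "matches_problem_cause": has_policy and not signed}

def build_sample_url(signed):
    """Constructed sample request; host, ID and signature are placeholders."""
    doc = (b'<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"'
           b' ID="_constructed1" Version="2.0" IssueInstant="2017-08-23T14:55:43Z">'
           b'<samlp:NameIDPolicy AllowCreate="true"/></samlp:AuthnRequest>')
    comp = zlib.compressobj(9, zlib.DEFLATED, -15)
    params = {"SAMLRequest": base64.b64encode(comp.compress(doc) + comp.flush()).decode()}
    if signed:
        params["SigAlg"] = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
        params["Signature"] = "Q09OU1RSVUNURUQ="  # placeholder, not a real signature
    return "https://idp.example.com/saml/login?" + urlencode(params)

if __name__ == "__main__":
    for flag in (False, True):
        print(inspect_authn_request(build_sample_url(flag)))
```

A result with matches_problem_cause set to True means the request is unsigned and contains NameIDPolicy, which is the combination described above.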

Issue/Introduction

After upgrading from 11.1 build 54.14 to 12.0 build 51, the customer does not get the authentication prompt from NetScaler (which is acting as the SAML IDP). Instead, the error message “Parsing of presented Assertion failed. Please contact your administrator” is displayed.