Appian SAML Authentication Method

Hello,

I am establishing an Appian SAML SSO integration with External IDP. We complete the whole configuration. The challenges we are facing to set up the Authentication Method.

External IDP support AALs as authentication methods, AALs methods are new methods introduced to replace LOAs.  However, in Appian, AALs are not implemented. 

Did anyone face the same issue? Let me know if any solution.

  Discussion posts and replies are publicly visible

Parents Reply Children
  • Did you get the 401 error when you tried clicking the 'Test Connection' button? Can you attach a screenshot of what you are seeing?

  • Yes, Please find the attache screenshot.

    2020-04-19 00:09:15,137 [Timer-4] INFO  com.appiancorp.cache.sail.StatefulSailCacheImpl - Stateful SAIL db cache cleanup process executing...removing expired entries from db
    2020-04-19 00:09:15,137 [Timer-4] INFO  com.appiancorp.cache.sail.StatefulSailCacheImpl - Stateful SAIL current memory cache entries=0 size=0 bytes
    2020-04-19 01:09:15,137 [Timer-4] INFO  com.appiancorp.cache.sail.StatefulSailCacheImpl - Stateful SAIL db cache cleanup process executing...removing expired entries from db
    2020-04-19 01:09:15,137 [Timer-4] INFO  com.appiancorp.cache.sail.StatefulSailCacheImpl - Stateful SAIL current memory cache entries=0 size=0 bytes
    2020-04-19 02:09:15,137 [Timer-4] INFO  com.appiancorp.cache.sail.StatefulSailCacheImpl - Stateful SAIL db cache cleanup process executing...removing expired entries from db
    2020-04-19 02:09:15,137 [Timer-4] INFO  com.appiancorp.cache.sail.StatefulSailCacheImpl - Stateful SAIL current memory cache entries=0 size=0 bytes
    2020-04-19 03:09:15,137 [Timer-4] INFO  com.appiancorp.cache.sail.StatefulSailCacheImpl - Stateful SAIL db cache cleanup process executing...removing expired entries from db
    2020-04-19 03:09:15,137 [Timer-4] INFO  com.appiancorp.cache.sail.StatefulSailCacheImpl - Stateful SAIL current memory cache entries=0 size=0 bytes
    2020-04-19 04:09:15,137 [Timer-4] INFO  com.appiancorp.cache.sail.StatefulSailCacheImpl - Stateful SAIL db cache cleanup process executing...removing expired entries from db
    2020-04-19 04:09:15,137 [Timer-4] INFO  com.appiancorp.cache.sail.StatefulSailCacheImpl - Stateful SAIL current memory cache entries=0 size=0 bytes
    2020-04-19 05:09:15,137 [Timer-4] INFO  com.appiancorp.cache.sail.StatefulSailCacheImpl - Stateful SAIL db cache cleanup process executing...removing expired entries from db
    2020-04-19 05:09:15,137 [Timer-4] INFO  com.appiancorp.cache.sail.StatefulSailCacheImpl - Stateful SAIL current memory cache entries=0 size=0 bytes
    2020-04-19 06:09:15,137 [Timer-4] INFO  com.appiancorp.cache.sail.StatefulSailCacheImpl - Stateful SAIL db cache cleanup process executing...removing expired entries from db
    2020-04-19 06:09:15,137 [Timer-4] INFO  com.appiancorp.cache.sail.StatefulSailCacheImpl - Stateful SAIL current memory cache entries=0 size=0 bytes
    2020-04-19 06:54:09,333 [ajp-nio-8009-exec-3983] ERROR com.appiancorp.security.auth.saml.SamlTestServlet - Unexpected exception during SAML authentication test: Index: 0
    java.lang.IndexOutOfBoundsException: Index: 0
    	at java.util.Collections$EmptyList.get(Collections.java:4456)
    	at net.shibboleth.utilities.java.support.collection.LazyList.get(LazyList.java:90)
    	at org.opensaml.core.xml.util.ListView.get(IndexedXMLObjectChildrenList.java:320)
    	at org.opensaml.core.xml.util.ListView.get(IndexedXMLObjectChildrenList.java:237)
    	at com.appiancorp.security.auth.saml.IdentityProviderManager.getName(IdentityProviderManager.java:177)
    	at com.appiancorp.security.auth.saml.IdentityProviderManager.createSamlAuthenticationToken(IdentityProviderManager.java:157)
    	at com.appiancorp.security.auth.saml.SamlTestServlet.processTestResponse(SamlTestServlet.java:130)
    	at com.appiancorp.security.auth.saml.SamlTestServlet.handlePost(SamlTestServlet.java:120)
    	at com.appiancorp.security.auth.saml.SamlTestServlet.handleRequest(SamlTestServlet.java:82)
    	at com.appiancorp.security.auth.saml.SamlTestServlet.service(SamlTestServlet.java:64)
    	at javax.servlet.http.HttpServlet.service(HttpServlet.java:741)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.ap2.EntryFilter.doFilter(EntryFilter.java:40)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.atlassian.plugin.servlet.filter.IteratingFilterChain.doFilter(IteratingFilterChain.java:39)
    	at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:70)
    	at com.atlassian.plugin.servlet.filter.ServletFilterModuleContainerFilter.doFilter(ServletFilterModuleContainerFilter.java:58)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.security.web.AppsPortalVisibilityFilter.doFilter(AppsPortalVisibilityFilter.java:70)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176)
    	at org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145)
    	at org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92)
    	at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:389)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at org.tuckey.web.filters.urlrewrite.RuleChain.handleRewrite(RuleChain.java:176)
    	at org.tuckey.web.filters.urlrewrite.RuleChain.doRules(RuleChain.java:145)
    	at org.tuckey.web.filters.urlrewrite.UrlRewriter.processRequest(UrlRewriter.java:92)
    	at org.tuckey.web.filters.urlrewrite.UrlRewriteFilter.doFilter(UrlRewriteFilter.java:389)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.common.web.PathMatchExclusionFilter.doFilter(PathMatchExclusionFilter.java:68)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.security.web.FrameOptionsFilter.doFilter(FrameOptionsFilter.java:40)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.security.auth.ForceSetPasswordFilter.doFilter(ForceSetPasswordFilter.java:47)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.security.auth.AuthenticationStatusHeaderFilter.doFilter(AuthenticationStatusHeaderFilter.java:38)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.security.xss.XssFilter.doFilter(XssFilter.java:30)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.security.csp.CspFilter.doFilter(CspFilter.java:77)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:317)
    	at com.appiancorp.security.auth.activity.UserActivityFilter.doFilter(UserActivityFilter.java:47)
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
    	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.invoke(FilterSecurityInterceptor.java:127)
    	at org.springframework.security.web.access.intercept.FilterSecurityInterceptor.doFilter(FilterSecurityInterceptor.java:91)
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
    	at com.appiancorp.connectedsystems.http.oauth.OAuthMobileFilter.doFilter(OAuthMobileFilter.java:52)
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
    	at org.springframework.security.web.access.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:114)
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
    	at org.springframework.security.web.session.SessionManagementFilter.doFilter(SessionManagementFilter.java:137)
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
    	at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:107)
    	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)
    	at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:112)
    	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)
    	at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:112)
    	at com.appiancorp.security.auth.rememberme.CookieTheftRedirectFilter.doFilter(CookieTheftRedirectFilter.java:37)
    	at org.springframework.web.filter.CompositeFilter$VirtualFilterChain.doFilter(CompositeFilter.java:112)
    	at org.springframework.web.filter.CompositeFilter.doFilter(CompositeFilter.java:73)
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
    	at org.springframework.security.web.authentication.rememberme.RememberMeAuthenticationFilter.doFilter(RememberMeAuthenticationFilter.java:158)
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
    	at org.springframework.security.web.servletapi.SecurityContextHolderAwareRequestFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:170)
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
    	at org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFilter(RequestCacheAwareFilter.java:63)
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
    	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
    	at org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:200)
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
    	at org.springframework.security.web.authentication.logout.LogoutFilter.doFilter(LogoutFilter.java:116)
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
    	at com.appiancorp.security.csrf.CsrfChannelProcessingFilter.doFilter(CsrfChannelProcessingFilter.java:82)
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
    	at org.springframework.security.web.context.request.async.WebAsyncManagerIntegrationFilter.doFilterInternal(WebAsyncManagerIntegrationFilter.java:56)
    	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
    	at org.springframework.security.web.session.ConcurrentSessionFilter.doFilter(ConcurrentSessionFilter.java:155)
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
    	at org.springframework.security.web.context.SecurityContextPersistenceFilter.doFilter(SecurityContextPersistenceFilter.java:105)
    	at org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilter(FilterChainProxy.java:331)
    	at org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterChainProxy.java:214)
    	at org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy.java:177)
    	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)
    	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.common.web.HttpMethodOverrideFilter.doFilter(HttpMethodOverrideFilter.java:34)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.security.cors.CorsFilter.handleNormalRequest(CorsFilter.java:324)
    	at com.appiancorp.security.cors.CorsFilter.doFilter(CorsFilter.java:278)
    	at com.appiancorp.security.cors.CorsFilter.doFilter(CorsFilter.java:226)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.security.auth.maintwindow.MaintWindowHeaderFilter.doFilter(MaintWindowHeaderFilter.java:31)
    	at org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(DelegatingFilterProxy.java:347)
    	at org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFilterProxy.java:263)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.security.auth.logging.AuthenticationLoggingFilter.doFilter(AuthenticationLoggingFilter.java:37)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.security.auth.AuthProviderFilter.doFilter(AuthProviderFilter.java:80)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.common.web.UserAgentFilter.doFilter(UserAgentFilter.java:40)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.security.web.DomainFilter.doFilter(DomainFilter.java:50)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.ap2.environment.EnvironmentFilter.doFilter(EnvironmentFilter.java:87)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.common.web.ThreadLocalRequestFilter.doFilter(ThreadLocalRequestFilter.java:34)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.ap2.NullByteInjectionFilter.doFilter(NullByteInjectionFilter.java:32)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.ap2.EncodingFilter.doFilter(EncodingFilter.java:58)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.common.web.HttpStrictTransportSecurityFilter.doFilter(HttpStrictTransportSecurityFilter.java:50)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.common.monitoring.prometheus.HttpResponseMetricsFilter.doFilter(HttpResponseMetricsFilter.java:67)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at com.appiancorp.tomcat.cookies.AppianCookieProcessorUserAgentStoringFilter.doFilter(AppianCookieProcessorUserAgentStoringFilter.java:24)
    	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
    	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
    	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:199)
    	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96)
    	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:543)
    	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:678)
    	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139)
    	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:81)
    	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:87)
    	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343)
    	at org.apache.coyote.ajp.AjpProcessor.service(AjpProcessor.java:482)
    	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
    	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:810)
    	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1623)
    	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
    	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    	at java.lang.Thread.run(Thread.java:748)