Details
-
Bug
-
Resolution: Fixed
-
Medium
-
6.6.0, 6.10.2, 6.13.4, 6.15.1, 6.15.4, 7.2.1, 7.12.5
-
15
-
Severity 2 - Major
-
2
-
Description
When trying to authenticate a user who has a special character in their first name (é specifically) via SAML SSO, we see the following screen
The error in the logs is:
com.atlassian.plugins.authentication.impl.web.saml.provider.InvalidSamlResponse: Received invalid SAML response: Signature validation failed. SAML Response rejected
at com.atlassian.plugins.authentication.impl.web.saml.provider.impl.OneloginJavaSamlProvider.lambda$extractSamlResponse$1(OneloginJavaSamlProvider.java:89)
at com.atlassian.plugin.util.ContextClassLoaderSwitchingUtil.runInContext(ContextClassLoaderSwitchingUtil.java:48)
at com.atlassian.plugins.authentication.impl.web.saml.provider.impl.OneloginJavaSamlProvider.extractSamlResponse(OneloginJavaSamlProvider.java:80)
at com.atlassian.plugins.authentication.impl.web.saml.SamlConsumerServlet.doPost(SamlConsumerServlet.java:87)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:648)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at com.atlassian.plugin.servlet.DelegatingPluginServlet.service(DelegatingPluginServlet.java:37)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
at com.atlassian.plugin.servlet.ServletModuleContainerServlet.service(ServletModuleContainerServlet.java:45)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
...
Workaround:
- Make sure file encoding/Locale of the OS is set as UTF-8
- Pass following parameters to JVM
CATALINA_OPTS="-Dfile.encoding=UTF-8 -Djavax.servlet.request.encoding=UTF8 ${CATALINA_OPTS}"
Attachments
Issue Links
- was cloned as
-
-
- Gathering Impact
-
- mentioned in
-
Page Loading...