IdP 要求ルールがないため、 SAML 認証に失敗します
環境
- ONTAP System Manager 9.3 以降
- Security Assertion Markup Language ( SAML )
問題
IDP サーバーに請求ルールがありません
Web UI エラー:
SAML Service Provider
Authorization Failed
The SAML service provider did not identify the user that was authenticated. Ensure that the SAML identity provider is configured to include in its assertion a"uid" attribute (SAML name "urn:oid:0.9.2342.19200300.100.1.1")
whose value matches the service provider user name.
Authorization failed for the resource at "/sysmgr/v4/"
- shibd.log
00000030.000364d4 073533eb Tue Nov 17 2020 10:59:01 -05:00 [kern_shibd:info:59302] INFO Shibboleth.SessionCache [2] [default]: new session created: ID (_1332a6e542c63d998c814449375e85a1) IdP (http://adfs2/adfs/services/trust) Protocol(urn:oasis:names:tc:SAML:2.0:protocol) Address (adfs_server_name)
00000030.000364d5 073533eb Tue Nov 17 2020 10:59:01 -05:00 [kern_shibd:info:59302] INFO Shibboleth-TRANSACTION [2] [default]: New session (ID: _1332a6e542c63d998c814449375e85a1) with (applicationId: default) for principal from (IdP: http://adfs2/adfs/services/trust) at (ClientAddress: adfs_server_name) with (NameIdentifier: domain_user_name) using (Protocol: urn:oasis:names:tc:SAML:2.0:protocol) from (AssertionID: _6dbb8609-35be-4ee6-8b0d-62979a22566f)
00000030.000364d6 073533eb Tue Nov 17 2020 10:59:01 -05:00 [kern_shibd:info:59302] INFO Shibboleth-TRANSACTION [2] [default]: Cached the following attributes with session (ID: _1332a6e542c63d998c814449375e85a1) for (applicationId: default) {
00000030.000364d7 073533eb Tue Nov 17 2020 10:59:01 -05:00 [kern_shibd:info:59302] INFO Shibboleth-TRANSACTION [2] [default]: }