SAML IDP POST to /saml_login URL returns 403 response
Learn how to resolve the SAML IDP POST to /saml_login URL 403 response error by adding the following rule to the dispatcher farm configuration.
Description
Environment
Experience Manager
Issue/Symptoms
SAML authentication is configured in AEM and, after logging in at the IDP, AEM returns a 403 error response during the SAML POST to /saml_login or /content/saml_login (or another URL configured for the IDP to post back to).
The problem only happens when authenticating via the dispatcher-enabled URL.
The following text is found in dispatcher.log:
Filter rejects: POST
Resolution
Add the following rule to the dispatcher farm configuration (.any files) /filter section to resolve the SAML IDP POST to /saml_login URL 403 response error.
# Allow the IDP's SAML response POST through the dispatcher filter
/0100
{
    /type "allow"
    /method "POST"
    /url "*/saml_login"
}
Cause
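The dispatcher /filter section allows POST requests to */saml_login only when a matching rule is present. Without such a rule, the filter rejects the IDP's POST, which is what the "Filter rejects: POST" entry in dispatcher.log records.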
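To see what the rule above does and does not open up, here is a simplified model of /filter evaluation, added as an example and not Adobe's code. It assumes rules are checked in file order with the last match deciding, approximates dispatcher glob matching with Python's fnmatch, and uses a constructed deny-all baseline rule (/0001).

```python
from fnmatch import fnmatchcase

# Constructed baseline: deny everything, as a hardened farm typically starts.
BASELINE = [{"name": "/0001", "type": "deny", "url": "*"}]
# The rule from this page.
SAML_RULE = {"name": "/0100", "type": "allow",
             "method": "POST", "url": "*/saml_login"}


def rule_matches(rule, method, url):
    """A rule matches only if every property it defines matches the request."""
    if "method" in rule and rule["method"] != method:
        return False
    if "url" in rule and not fnmatchcase(url, rule["url"]):
        return False
    return True


def evaluate(rules, method, url):
    """Return (decision, rule_name); the last matching rule decides.

    (None, None) means no rule matched; this model does not guess the outcome.
    """
    decision, name = None, None
    for rule in rules:
        if rule_matches(rule, method, url):
            decision, name = rule["type"], rule["name"]
    return decision, name


def report():
    """Evaluate sample requests against three constructed rule orderings."""
    requests = [("POST", "/saml_login"), ("POST", "/content/saml_login"),
                ("GET", "/saml_login"), ("POST", "/content/saml_login.html")]
    configs = {
        "before fix": BASELINE,
        "after fix": BASELINE + [SAML_RULE],
        "allow placed before deny-all": [SAML_RULE] + BASELINE,
    }
    return {label: {req: evaluate(rules, *req) for req in requests}
            for label, rules in configs.items()}


if __name__ == "__main__":
    for label, results in report().items():
        print(label)
        for (method, url), (decision, name) in results.items():
            print(f"  {method:4} {url:28} -> {decision} ({name})")
```

In this model the rule only takes effect when it follows the deny rules, and the leading `*` lets it match any path ending in /saml_login, not just the two listed under Issue/Symptoms.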