3c17d4379d
A mismatched configuration between the IdP and SP will often result in SAML authentication attempts failing because the audience condition is not met (because the IdP and SP disagree about the correct form of the SP's Entity ID). Previously the error message in this case did not provide sufficient information to resolve the issue because the IdP's expected audience would be truncated if it exceeeded 32 characters. Since the error did not provide both IDs in full, it was not possible to determine the correct fix (in detail) based on the error alone. This change expands the message that is included in the thrown exception, and also adds additional logging of every failed audience condition, with diagnostics of the match failure. Backport of: #44334 |
||
|---|---|---|
| .. | ||
| dev-tools | ||
| docs | ||
| license-tools | ||
| plugin | ||
| qa | ||
| snapshot-tool | ||
| test | ||
| transport-client | ||
| NOTICE.txt | ||
| README.md | ||
| build.gradle | ||
README.md
Elastic License Functionality
This directory tree contains files subject to the Elastic License. The files subject to the Elastic License are grouped in this directory to clearly separate them from files licensed under the Apache License 2.0.