Versions Compared

Old Version 1

changes.mady.by.user Paul Ruvin

Saved on

compared with

New Version 2

changes.mady.by.user Paul Ruvin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

ISSUE

Following an update to the latest version DualShield Authentication Server and IIS Agent, end users are no longer able to access a web SSO app such as OWA.

Image Added

CAUSE

Looking at the HAR file It appears that OpenSAML thought the Signature was legitimate, but chilkat (the library we used in IIS agent) does not like it.

This may have been been introduced by the recent upgrade on OpenSAML library.

Therefore once customers have upgraded DualShield to the latest version they will see the error above

RESOLUTION

Open Java options ( see How to Reset the sa Password in DualShield which demonstrates how to launch Java Options)

Append this line..


Code Block
-Dorg.apache.xml.security.ignoreLineBreaks=true


Image Added


Save and restart the DualShield Server service.