Hello,
I'm in the process of setting up a new MailArchiva 9.0.3 installation using SAML (Okta) for authentication. I did this successfully a couple of years ago on a test installation of version 8 and it worked fine.
The issue that I'm having is that after a successful authentication with Okta it returns to the "signonform.do" screen rather than the "authorize.do" screen. As a result it still wants a login and password after the Okta authentication has successfully completed.
I'm using the same Okta application as I used in the test system (just changing the SSO URL etc. to match the different web address). Connecting to the new URL correctly redirects to Okta and the authentication is completed. Looking at the SAML details in the browser, it has all of the correct details for the session (name / email address / group) and the correct URL for the destination (ending in authorize.do).
It seems to be having a permission problem as it's reporting a 403 error before being redirected to the "signonform.do" address.
For the life of me I can't see any difference between the test system I built 2 years ago and this new one.
Just wondering if defaulting to the login / password screen is the correct behaviour in the event of an issue with a SAML login?
Also wondering if anyone else has experienced a similar problem in the past?
Any comments welcome.
Thanks
Phil