Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
kpo
Community Member

AnyConnect clientless and SAML

I have a problem with Anyconnect clientless configuration with SAML. I have correctly configured ConnectionProfile, GroupPolicies and SAML Identity Provider. My Identity Provider is a simpleSAMLphp script.

At logon I am redirected to the AnyConnect login page, and in the ASDM log I get an error:

 

Failed to consume SAML assertion. Reason: The identifier of a provider is unknown to #LassoServer. To register a provider in a #LassoServer object, you must use the lasso_server_add_provider () or lasso_server_add_provider_from_buffer () methods.

 

Regards

Chris

Everyone's tags (4)
1 ACCEPTED SOLUTION

Accepted Solutions
kpo
Community Member

Re: AnyConnect clientless and SAML

Hi, I made a factory reset and configured from scratch, it works correctly, It works correctly from Cisco Adaptive Security Appliance Software Version 9.9(1)4

4 REPLIES
VIP Green

Re: AnyConnect clientless and SAML

Hi,

Have you tried to do what it asks:

lasso_server_add_provider ()

lasso_error_t
lasso_server_add_provider (LassoServer *server,
                           LassoProviderRole role,
                           const gchar *metadata,
                           const gchar *public_key,
                           const gchar *ca_cert_chain)
Community Member

Re: AnyConnect clientless and SAML

Those aren't Cisco ASA commands. I suppose that is something Cisco developers would have to do. Cisco documentation isn't very helpful about stating what format the SAML assertion needs to have...

Community Member

Re: AnyConnect clientless and SAML

Were you able to find a resolution to this issue?

kpo
Community Member

Re: AnyConnect clientless and SAML

Hi, I made a factory reset and configured from scratch, it works correctly, It works correctly from Cisco Adaptive Security Appliance Software Version 9.9(1)4

2249
Views
0
Helpful
4
Replies
CreatePlease to create content