Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Webcast-Catalyst9k
kpo
New Member

AnyConnect clientless and SAML

I have a problem with Anyconnect clientless configuration with SAML. I have correctly configured ConnectionProfile, GroupPolicies and SAML Identity Provider. My Identity Provider is a simpleSAMLphp script.

At logon I am redirected to the AnyConnect login page, and in the ASDM log I get an error:

 

Failed to consume SAML assertion. Reason: The identifier of a provider is unknown to #LassoServer. To register a provider in a #LassoServer object, you must use the lasso_server_add_provider () or lasso_server_add_provider_from_buffer () methods.

 

Regards

Chris

Everyone's tags (4)
2 REPLIES

Re: AnyConnect clientless and SAML

Hi,

Have you tried to do what it asks:

lasso_server_add_provider ()

lasso_error_t
lasso_server_add_provider (LassoServer *server,
                           LassoProviderRole role,
                           const gchar *metadata,
                           const gchar *public_key,
                           const gchar *ca_cert_chain)
New Member

Re: AnyConnect clientless and SAML

Those aren't Cisco ASA commands. I suppose that is something Cisco developers would have to do. Cisco documentation isn't very helpful about stating what format the SAML assertion needs to have...

731
Views
0
Helpful
2
Replies
CreatePlease to create content