InformAction Forums

NoScripters and WebSec nerds of all lands, unite!
https://forums.informaction.com/

Similar SAML requests blocked issue

https://forums.informaction.com/viewtopic.php?t=26705

Page 1 of 1

Similar SAML requests blocked issue

Posted: Tue Jun 14, 2022 12:23 pm
by debugger
I read "[Resolved] SAML requests blocked" viewtopic.php?f=7&t=26677 which in the end solved my problem.

I navigated to our internal company page, which redirects to https://login.microsoftonline.com for SAML authentication after 2-Factor authentication it redirect back to the internal company page - this last step fails.

The SAML request to the internal page uses the following headers and is cross domain (obviously):
  • Fetch-Dest: document
    Sec-Fetch-Mode: navigate
    Sec-Fetch-Site: same-origin
The reason for me turned out to be that I applied the following settings for https://login.microsoftonline.com
  • Enable these capabilities when top page matches: ...microsoftonline.com
    script
    frame
    fetch
    noscript
    lan
After reverting it to:
  • Enable these capabilities when top page matches: ANY
    script
    frame
    fetch
    noscript
    lan
A better error message in the debug console CTRL+I of Firefox would have helped me to understand WHY the SAML-request was blocked.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited