Hi, I have setup JOSSO2 Single Sign On using the Atricore Console, and am able to see the login page (Welcome! You're an anonymous user). However, the problem is creating the users. I have used "RDBMS Identity Source" as the Identity Source. My identity appliance consists of Identity Source (RDBMS) connected to Identity Provider (IdP). IdP connected to Service Provider (SP), SP connected to JOSSO1 resource (JOSSO1-RE), and JOSSO1-RE connected to Tomcat Execution Environment (SP1EE). The connections I have used are : RDBMS Identity Source is connected to IdP via Identity Lookup Connection. SP1 and AcmeIDP is wired with the Federated Connection. JOSSO1-RE is wired into SP1 with a Service Connection. JOSSO1-RE is connected into SP1EE by the Activation Connection. When I test the login, I get error "Invalid Authentication Information", and even after much troubleshooting, I am not able to figure out the problem. In the HOWTOPAGE "Adding Two-Factor Authentication", you explain that the Service Provider also has to be connected to an Identity Source? Do I have to do the same in my case? Isn't it enough to have only one Identity Source (In this case, my RDBMS) which is connected to the IdP, which will help the SP in authentication? Also, to add users for JOSSO, I read the article from the "Getting Started" page in josso.org, that I have to create a group "role1" and then create the users and put them in this group. Only then will the users will be created and be allowed to successfully login? This is the error I get in the atricore.log for the unsuccessful login (username used is "surentran") : Code: 2020-04-08 17:23:14,835 | INFO | qtp-347993098-40 | acmeidp | ng.builtin.LoggerAuditingHandler 33 | 117 - org.atricore.idbus.kernel.auditing.builtin - 1.4.4.SNAPSHOT | principal=surentran action=SSO outcome=FAILURE attempt=1 httpSession=id-5411b4d8-f00a-44bb-91f9-f97a8fe73afa.idbus-web-001 federatedProvider=http://192.168.121.72:8081/IDBUS/MYFIRSTIA/SP1/SAML2/MD provider=acmeidp authnCtx=urn:oasis:names:tc:SAML:2.0:ac:classes:Password remoteAddress=192.168.113.96 Please help me resolve this ASAP, as I have hit a dead end, and not sure what to do to resolve this problem.
No, it's not wrong. The logs generated are at the time I try to login to the page. The system time is the same format as the time I click on login. (MYT).
Also timedatectl shows the Singapore timezone : Code: [root@amanda-server log]# timedatectl Local time: Mon 2020-04-13 12:54:10 +08 Universal time: Mon 2020-04-13 04:54:10 UTC RTC time: Mon 2020-04-13 04:54:08 Time zone: Asia/Singapore (+08, +0800) NTP enabled: yes NTP synchronized: yes RTC in local TZ: no DST active: n/a [root@amanda-server log]# However, I live in Malaysia/Kuala Lumpur, does this make a difference? Here it is also GMT +8. Anyways I have made the changes now : Code: [root@amanda-server log]# timedatectl Local time: Mon 2020-04-13 12:58:41 +08 Universal time: Mon 2020-04-13 04:58:41 UTC RTC time: Mon 2020-04-13 12:58:41 Time zone: Asia/Kuala_Lumpur (+08, +0800) NTP enabled: yes NTP synchronized: yes RTC in local TZ: yes DST active: n/a Warning: The system is configured to read the RTC time in the local time zone. This mode can not be fully supported. It will create various problems with time zone changes and daylight saving time adjustments. The RTC time is never updated, it relies on external facilities to maintain it. If at all possible, use RTC in UTC by calling 'timedatectl set-local-rtc 0'. But here, as you can see, I get a warning to not configure the system to read RTC in local time zone. And even after I make these changes, and then close and login to the JOSSO login page, I still get error .
