{"id":3118,"date":"2012-04-18T13:38:37","date_gmt":"2012-04-18T17:38:37","guid":{"rendered":"http:\/\/onlineappsdba.com\/?p=3118"},"modified":"2012-04-18T13:38:37","modified_gmt":"2012-04-18T17:38:37","slug":"oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized","status":"publish","type":"post","link":"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/","title":{"rendered":"OIF: SP initiated call after response from IdP redirecting to SP \/fed\/sp\/art20?SAMLart=** with 401 Unauthorized"},"content":{"rendered":"

Oracle Identity Federation<\/strong> (OIF) is federation solution from Oracle that provides\u00a0cross domain<\/strong>\u00a0Single Sign-On (SSO). OIF can act as Service Provider<\/strong> (SP), Identity Provider<\/strong> (IdP), or both <\/strong>(IdP & SP).<\/p>\n

I recently integrated two OIF instances, one acting as IdP<\/strong> and second acting as SP<\/strong>. Both OIF had their own Identity Store<\/strong> (as OID) where user with attribute employeeNumber<\/strong> (on IdP side)\u00a0was linked to user with attribute uid<\/strong> (on SP side).<\/p>\n

Note<\/strong>: This type of federation is called as Linked Federation<\/strong>, other types are Transient<\/strong>, Mapped<\/strong>, and Attribute<\/strong> or Role-based Federation<\/strong><\/a>\u00a0 . Step by step integration of Linked-based federation<\/strong> in OIF\u00a0is covered\u00a0in Oracle By Example (OBE)<\/a>\u00a0<\/p>\n

To add further complexity to solution OAM<\/strong> (Oracle Access Manager)<\/a>\u00a0was integarted\u00a0with OIF (SP side) as Service Provider Integration Module<\/a>\u00a0(i.e. OAM authentication was delegated to OIF SP and any user session at OIF should automatically create session at OAM).\u00a0<\/p>\n

During testing a resource protected in OAM by OIF Scheme<\/strong> (Challenge URL pointing\u00a0to http(s):\/\/OIF_SP_Host\/fed\/user\/sposso\u00a0<\/strong>)\u00a0, OAM was re-directing user browser to OIF_SP<\/strong> (\/fed\/user\/sposso?osso_spToken<\/strong>)\u00a0which in turn was redirecting to OIF_IdP\u00a0<\/strong>(\/fed\/idp\/samlv20?SAMLRequest<\/strong>) for authentication.<\/p>\n

Note:<\/strong> Use browser tools like\u00a0IEHTTPHeaders (IE)<\/a>\u00a0\u00a0or HTTP Header Plug-In(Firefox)<\/a>\u00a0to display\u00a0HTTP Header<\/strong> to see how URLs are redirected in user session.<\/p>\n

After authentication at IdP (using default ldap authentication engine which is OID<\/span>), request was redirected back to OIF_SP (\/fed\/sp\/art20?SAMLart=<\/strong>) and error message on browser reported was<\/p>\n

____
\nFrom RFC 2068 Hypertext Transfer Protocol — HTTP\/1.1:<\/span>
\n10.4.2 401 Unauthorized<\/span><\/p>\n

The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials, then the 401 response indicates that authorization has been refused for those credentials. If the 401 response contains the same challenge as the prior response, and the user agent has already attempted authentication at least once, then the user SHOULD be presented the entity that was given in the response, since that entity MAY include relevant diagnostic information. HTTP access authentication is explained in section 11.<\/span>
\n____<\/p>\n

Note: Authorization related errors in OIF are mainly because of wrong nameID mapping done\u00a0beween OIF IdP and SP <\/strong>.<\/p>\n

 <\/p>\n

To troubleshoot OIF configuration issue<\/span><\/strong> –<\/p>\n

1.<\/strong> First thing to check is look for any errors in wls_oif<N>.out<\/strong> at both SP<\/strong> and IDP<\/strong> side under $DOMAIN_HOME\/servers\/<oif_server_name>\/logs\/<\/p>\n

In my case error at IdP side in wls_oid<N>.out was<\/p>\n

___
\n<Apr 17, 2012 4:48:30 PM BST> <Error> <oracle.security.fed.eventhandler.profiles.idp.sso.v20.AuthnRequestEventHandler> <FED-15003> <No value in user record for NameIDPolicy requested: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress<\/strong>><\/span>
\n___<\/p>\n

Note<\/strong>: Value of attribute email for user\u00a0is NULL in\u00a0OID configured with IDP & SP\u00a0but why is IDP trying to query emailAddress for user<\/strong> ?<\/p>\n

 <\/p>\n

Error\u00a0at\u00a0SP side in wls_oid<N>.out<\/strong> was
\n___\u00a0<\/p>\n

<Apr 17, 2012 4:24:20 PM BST> <Error> <oracle.security.fed.eventhandler.authn.engines.osso.OssoFinishSPSSOEventHandler> <FED-15134> <The service providercould not map the identity provider response to a user><\/span>
\n____<\/p>\n

Looking at error message on IdP and SP , it was clear that error was related to nameid-format<\/strong> (more on nameid-format or NameIDPolicy in SAML Token later<\/span>).<\/p>\n

To debug what nameID format is requested by OIF SP<\/strong>, enable trace<\/strong> in OIF for logger oracle.security<\/strong> from Enterprise Manager (\/em<\/strong>)<\/p>\n

 <\/p>\n

\"\"<\/a>
\n\u00a0<\/p>\n

After enabling TRACE<\/strong> in OIF at SP side, access URL in OAM protected by OIF Authentication scheme and query what NameID format<\/strong> SP is requesting in SAML token (\u00a0This information is recorded in trace at\u00a0 $DOMAIN_HOME\/servers\/<oif_server>\/logs\/wls_oif-diagnotics.log<\/strong> )<\/p>\n

_____<\/p>\n

[2012-04-12T11:49:16.339+01:00] [wls_oif1] [TRACE] [] [oracle.security.fed.http.translator.SenderProtocolMessageTranslator]
\n[tid: [ACTIVE].ExecuteThread: ‘1’ for queue: ‘weblogic.kernel.Default (self-tuning)’]
\n[userId: <anonymous>] [ecid: 004jV7Dh5Eo5e_r_CHXBig0007RO000IIb,0:1]
\n[SRC_CLASS: oracle.security.fed.http.translator.SenderProtocolMessageTranslator]
\n[APP: OIF#11.1.1.2.0] [SRC_METHOD: translateSAML2MessageToQuery]
\n[URI: \/fed\/user\/sposso] Outgoing QUERY message:<\/p>\n

<samlp:AuthnRequest xmlns:samlp=”urn:oasis:names:tc:SAML:2.0:protocol” Destination=”http:\/\/idpHost.idpDomain:8888\/fed\/idp\/samlv20<\/a>” ForceAuthn=”false”
\nID=”id-MaNTZObsPFZEn7mqeHE1ETWAnAU-” IssueInstant=”2012-04-18T10:49:16Z” ProtocolBinding=”urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact” Version=”2.0″>
\n<saml:Issuer xmlns:saml=”urn:oasis:names:tc:SAML:2.0:assertion”
\nFormat=”urn:oasis:names:tc:SAML:2.0:nameid-format:entity”> http:\/\/spHost.spDomain:9888\/fed\/sp<\/saml:Issuer>
\n<samlp:NameIDPolicy AllowCreate=”true” Format=”urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress<\/strong>“\/>
\n<\/samlp:AuthnRequest>
\n_______<\/p>\n

If you notice in\u00a0SAML token requested by OIF SP, it is requesting nameid-format<\/strong> in NameIDPolicy<\/strong> as emailAddress<\/strong><\/p>\n

 <\/p>\n

Q:<\/strong> How to change OIF_SP to request\u00a0\u00a0for attribute employeeNumber<\/strong> at OIF_IdP and map\u00a0this to attribute uid<\/strong> at OIF_SP\u00a0?<\/p>\n

A:<\/strong> To achieve this, configure OIF at SP side<\/strong>\u00a0(Service Provider) Default Authentication Request NameID format<\/strong> to Custom<\/strong> (or unspecified<\/strong>)\u00a0(first screen shot<\/span>)\u00a0and\u00a0update value of Custom<\/strong> (or unspecified<\/strong>) to employeeNumber<\/strong>.\u00a0 You also need to select option Map User via Attribute Query<\/strong> (with value like (&(uid<\/strong>=%enumuid%<\/strong>))) (first screenshot<\/span>)<\/p>\n

Note<\/strong>: You also need to configure OIF at\u00a0IdP side<\/strong> (Identity Provider) custom<\/strong> (or unspecified<\/strong>) to\u00a0enabled<\/strong> with value as employeeNumber<\/strong> (second screenshot<\/span>) and configure Attribute Mapping and Filters<\/strong> (for SP at IdP side) to return employeeNumber <\/strong>as enumid<\/strong> (third and fourth screenshot)<\/p>\n

 <\/p>\n

 <\/p>\n

\"\"<\/a><\/p>\n

 <\/p>\n

 <\/p>\n

Configuration at IdP\u00a0<\/strong>side for Identity\u00a0Provider<\/strong>\u00a0<\/p>\n

 <\/p>\n

\"\"<\/a><\/p>\n

 <\/p>\n

To configure SP metadata at IDP side from OIF_IdP\u00a0: Administration<\/strong> -> Federations<\/strong> -> select SP metadata (registered earlier)\u00a0and click edit<\/strong> -> select tab Oracle Identity Federation Settings<\/strong> and click Edit<\/strong> next to Attribute Mapping and Filters<\/strong><\/p>\n

 <\/p>\n

\u00a0\"\"<\/a>
\n.<\/p>\n

\u00a0\"\"<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Oracle Identity Federation (OIF) is federation solution from Oracle that provides\u00a0cross domain\u00a0Single Sign-On (SSO). OIF can act as Service Provider […]<\/p>\n","protected":false},"author":115,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-4)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[42],"tags":[],"class_list":["post-3118","post","type-post","status-publish","format-standard","hentry","category-troubleshooting"],"yoast_head":"\nOIF: SP initiated call after response from IdP redirecting to SP \/fed\/sp\/art20?SAMLart=** with 401 Unauthorized -<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"OIF: SP initiated call after response from IdP redirecting to SP \/fed\/sp\/art20?SAMLart=** with 401 Unauthorized -\" \/>\n<meta property=\"og:description\" content=\"Oracle Identity Federation (OIF) is federation solution from Oracle that provides\u00a0cross domain\u00a0Single Sign-On (SSO). OIF can act as Service Provider […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/\" \/>\n<meta property=\"article:published_time\" content=\"2012-04-18T17:38:37+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/onlineappsdba.com\/wp-content\/uploads\/2012\/04\/oif_trace.jpg\" \/>\n<meta name=\"author\" content=\"Masroof Ahmad\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Masroof Ahmad\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/\",\"url\":\"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/\",\"name\":\"OIF: SP initiated call after response from IdP redirecting to SP \/fed\/sp\/art20?SAMLart=** with 401 Unauthorized -\",\"isPartOf\":{\"@id\":\"https:\/\/onlineappsdba.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/#primaryimage\"},\"thumbnailUrl\":\"http:\/\/onlineappsdba.com\/wp-content\/uploads\/2012\/04\/oif_trace.jpg\",\"datePublished\":\"2012-04-18T17:38:37+00:00\",\"author\":{\"@id\":\"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb\"},\"breadcrumb\":{\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/#primaryimage\",\"url\":\"http:\/\/onlineappsdba.com\/wp-content\/uploads\/2012\/04\/oif_trace.jpg\",\"contentUrl\":\"http:\/\/onlineappsdba.com\/wp-content\/uploads\/2012\/04\/oif_trace.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/onlineappsdba.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"OIF: SP initiated call after response from IdP redirecting to SP \/fed\/sp\/art20?SAMLart=** with 401 Unauthorized\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/onlineappsdba.com\/#website\",\"url\":\"https:\/\/onlineappsdba.com\/\",\"name\":\"\",\"description\":\"Oracle Implementation & Training Experts\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/onlineappsdba.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb\",\"name\":\"Masroof Ahmad\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/onlineappsdba.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g\",\"caption\":\"Masroof Ahmad\"},\"url\":\"https:\/\/onlineappsdba.com\/index.php\/author\/masroof\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"OIF: SP initiated call after response from IdP redirecting to SP \/fed\/sp\/art20?SAMLart=** with 401 Unauthorized -","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/","og_locale":"en_US","og_type":"article","og_title":"OIF: SP initiated call after response from IdP redirecting to SP \/fed\/sp\/art20?SAMLart=** with 401 Unauthorized -","og_description":"Oracle Identity Federation (OIF) is federation solution from Oracle that provides\u00a0cross domain\u00a0Single Sign-On (SSO). OIF can act as Service Provider […]","og_url":"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/","article_published_time":"2012-04-18T17:38:37+00:00","og_image":[{"url":"http:\/\/onlineappsdba.com\/wp-content\/uploads\/2012\/04\/oif_trace.jpg","type":"","width":"","height":""}],"author":"Masroof Ahmad","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Masroof Ahmad","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/","url":"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/","name":"OIF: SP initiated call after response from IdP redirecting to SP \/fed\/sp\/art20?SAMLart=** with 401 Unauthorized -","isPartOf":{"@id":"https:\/\/onlineappsdba.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/#primaryimage"},"image":{"@id":"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/#primaryimage"},"thumbnailUrl":"http:\/\/onlineappsdba.com\/wp-content\/uploads\/2012\/04\/oif_trace.jpg","datePublished":"2012-04-18T17:38:37+00:00","author":{"@id":"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb"},"breadcrumb":{"@id":"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/#primaryimage","url":"http:\/\/onlineappsdba.com\/wp-content\/uploads\/2012\/04\/oif_trace.jpg","contentUrl":"http:\/\/onlineappsdba.com\/wp-content\/uploads\/2012\/04\/oif_trace.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/onlineappsdba.com\/index.php\/2012\/04\/18\/oif-sp-initiated-call-after-response-from-idp-redirecting-to-sp-fedspart20samlart-with-401-unauthorized\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/onlineappsdba.com\/"},{"@type":"ListItem","position":2,"name":"OIF: SP initiated call after response from IdP redirecting to SP \/fed\/sp\/art20?SAMLart=** with 401 Unauthorized"}]},{"@type":"WebSite","@id":"https:\/\/onlineappsdba.com\/#website","url":"https:\/\/onlineappsdba.com\/","name":"","description":"Oracle Implementation & Training Experts","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/onlineappsdba.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/onlineappsdba.com\/#\/schema\/person\/909a876ed58d400faf82caf81d61bfdb","name":"Masroof Ahmad","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/onlineappsdba.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/10f9db7bdbbd7f9ccfbe9b2d208e5978fc28315e9c704383e639a926ea0fce5f?s=96&d=mm&r=g","caption":"Masroof Ahmad"},"url":"https:\/\/onlineappsdba.com\/index.php\/author\/masroof\/"}]}},"_links":{"self":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/posts\/3118","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/users\/115"}],"replies":[{"embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/comments?post=3118"}],"version-history":[{"count":0,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/posts\/3118\/revisions"}],"wp:attachment":[{"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/media?parent=3118"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/categories?post=3118"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/onlineappsdba.com\/index.php\/wp-json\/wp\/v2\/tags?post=3118"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}