Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-5285: SAML SSO fails with JIVE software app with SP initiated connection

Centrify Identity Service, App Edition ,  

12 April,16 at 10:39 AM

Applies to: All versions of Centrify for SaaS, JIVE-51200

Problem:
When SP SSO login is initiated with SAML app configured for JIVE software it succeeds at first but fails in the next attempt with a message "Please enable Cookies to continue login". It continues failing from that point on.

cookie error
Further investigation revealed the cookie named "jive.login.type" was the cause since the problem disappeared after deleting this specific cookie:

jive cookie


However the issue resurfaces in each subsequent login attempt as the cookies are regenerated later. The problem does not happen with IdP-initiated connection, so why does this happen with SP-initiated connection only?  

Cause: 
This is a bug from Jive software (JIVE-51200). The JIVE website reacts differently depending on the cookie jive.login.type's value and it will redirect to the login page if the value is set to "saml".
The source code for JIVE below verifies this as the cause: 
=======
else if (getCookie("jive.login.type") == "saml") { 
+ // going to redirect, so no display 
+ } 
=======

The fiddler traces of each attempt show the cookie is set to nothing in the successful attempt and it is set to "saml" in the failed SSO attempt which confirms this:  

- Successful SSO attempt
sucessful
- Failed SSO attempt
failure
Reference link for the source code: https://docs.jivesoftware.com/jive_sbs/7.0.3.0_e0f2185/ftldiff/WEB-INF/classes/template/global/login.html 

Resolution:
Jive confirmed this as a bug in their software and will address this in the future. In the meantime users should contact them directly for a fix. 

 

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.