Hey everyone,
I’m trying to configure Shibboleth authentication via a SAML identity provider and I can’t make it work.
I have successfully synchronized the users from the Active Directory in read-only mode, and I am redirected to my IdP login page when I try to access the platform’s login page in which I am trying to configure this, as I should be.
After I log in on my IdP for the first time, I am redirected to a page on Keycloak where I have to put in my credentials again, and it says that it is going to link my account to my IdP. After I do that, I get a page on Keycloak saying “Unexpected error when authenticating with identity provider” and the logs say:
org.keycloak.storage.ReadOnlyException: Federated storage is not writable
at org.keycloak.keycloak-ldap-federation@9.0.2//org.keycloak.storage.ldap.ReadonlyLDAPUserModelDelegate.setEmail(ReadonlyLDAPUserModelDelegate.java:54)
…
If I try to log in again on my IdP, it’ll go straight to a page on Keycloak saying “An internal server error has occurred” and the logs say:
org.keycloak.broker.provider.IdentityBrokerException: Could not process response from SAML identity provider.
at org.keycloak.keycloak-services@9.0.2//org.keycloak.broker.saml.SAMLEndpoint$Binding.handleLoginResponse(SAMLEndpoint.java:494)
…
Does anyone know what I should do to solve this?
Thanks in advance.