SAML | Incresing throttle for SAML request URL
Kindly add the following code in webapps/ROOT/WEB-INF/security/security-publicaccess.xml and restart SDP to increase the throttle limit for SamlRequestServlet URL. Here it's set as 45. You can change to any number you want per minute.
<throttles window="ROLLING" scope="APPSERVER" key="url.path+url.dynamic_key" name="saml_request_servlet">
<throttle duration="1m" threshold="45" lock-period="2m"/>
</throttles>
Sample:
New to ADSelfService Plus?
Related Articles
SAML with ICAM as IdP in ServiceDesk Plus
The SAML NameID policy must either be unspecified (urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified) or emailAddress (urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress). WantAssertionsSigned="true" AND AuthnRequestsSigned="true" must be set ...SAML | Multiple Login URLs for SAML Response
Issue: Even if SDP can be accessed with multiple URLs like internal.servicedesk.com and external.servicedesk.com, the SAML response is always received at the same URL that is configured in Alias URL. Fix: The acs_url column in the SAMLSP table can be ...InResponseTo attribute in SAML Response is missing
Issue: Every SAML request has an ID and every SAML response should return this ID with the name InResponseTo. Most of the popular IDPs return this is now required to be verified. Response without InResponseTo: Expected Response: Solution: If your ...SAML | This Request will not be considered since passing more parameters to server might result in vulnerability issues.
Issue: After upgrade, customer might usually face this issue during SAML login: Trace: [14:14:03:012]|[10-02-2023]|[com.manageengine.mdh.MDHSettings]|[INFO]|[57303]: Service desk instance ID not found in Cookie| ...prod and test instance has same entity id for SAML
The issue: When restoring backup from production instance to create a test instance, the entity ID in SAML configuration is same as the production instance. Hence not able to configure SAML in test instance. Workaround: To change the application URL, ...