SAML | Incresing throttle for SAML request URL
Kindly add the following code in webapps/ROOT/WEB-INF/security/security-publicaccess.xml and restart SDP to increase the throttle limit for SamlRequestServlet URL. Here it's set as 45. You can change to any number you want per minute.
<throttles window="ROLLING" scope="APPSERVER" key="url.path+url.dynamic_key" name="saml_request_servlet">
<throttle duration="1m" threshold="45" lock-period="2m"/>
</throttles>
Sample:
New to ADSelfService Plus?
Related Articles
SAML | Multiple Login URLs for SAML Response
Issue: Even if SDP can be accessed with multiple URLs like internal.servicedesk.com and external.servicedesk.com, the SAML response is always received at the same URL that is configured in Alias URL. Fix: The acs_url column in the SAMLSP table can be ...SAML redirection issue
Issue: The /SamlRequest URL is being accessed repeatedly, leading to the URL access limit being reached in only SAML enabled case. The SAML URL is triggered instead of displaying the login page, occurring only in cases where both Active Directory ...SAML | This Request will not be considered since passing more parameters to server might result in vulnerability issues.
Issue: After upgrade, customer might usually face this issue during SAML login: Trace: [14:14:03:012]|[10-02-2023]|[com.manageengine.mdh.MDHSettings]|[INFO]|[57303]: Service desk instance ID not found in Cookie| ...SAML with ICAM as IdP in ServiceDesk Plus
The SAML NameID policy must either be unspecified (urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified) or emailAddress (urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress). WantAssertionsSigned="true" AND AuthnRequestsSigned="true" must be set ...InResponseTo attribute in SAML Response is missing
Issue: Every SAML request has an ID and every SAML response should return this ID with the name InResponseTo. Most of the popular IDPs return this is now required to be verified. Response without InResponseTo: Expected Response: Solution: If your ...