SAML | Incresing throttle for SAML request URL
Kindly add the following code in webapps/ROOT/WEB-INF/security/security-publicaccess.xml and restart SDP to increase the throttle limit for SamlRequestServlet URL. Here it's set as 45. You can change to any number you want per minute.
<throttles window="ROLLING" scope="APPSERVER" key="url.path+url.dynamic_key" name="saml_request_servlet">
<throttle duration="1m" threshold="45" lock-period="2m"/>
</throttles>
Sample:
New to ADSelfService Plus?
Related Articles
SAML automatic redirection issue
Issue: The /SamlRequest URL is being accessed repeatedly, leading to the URL access limit being reached in only SAML enabled case. The SAML URL is triggered instead of displaying the login page, occurring only in cases where both Active Directory ...SAML with ICAM as IdP in ServiceDesk Plus
Usual requirements from ICAM: The SAML NameID policy must either be unspecified (urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified) or emailAddress (urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress). WantAssertionsSigned="true" AND ...SAML | This Request will not be considered since passing more parameters to server might result in vulnerability issues.
Issue: After upgrade, customer might usually face this issue during SAML login: Trace: [14:14:03:012]|[10-02-2023]|[com.manageengine.mdh.MDHSettings]|[INFO]|[57303]: Service desk instance ID not found in Cookie| ...SAML | Multiple Login URLs for SAML Response
Issue: Even if SDP can be accessed with multiple URLs like internal.servicedesk.com and external.servicedesk.com, the SAML response is always received at the same URL that is configured in Alias URL. Fix: The acs_url column in the SAMLSP table can be ...SAML | Common Workarounds: same entity ID in prod, test; hide "Logout from SAML"
1. Prod and Test have same entity ID: When restoring backup from production instance to create a test instance, the entity ID and and the redirect URL are same as the one in the production instance and we are not able to configure SAML in the test ...