Error validating saml message
SAMLDefault Logger : Auth NResponse; FAILURE;10.244.5.167;spn:b89b80-b2cdd06511db;https://sts.windows.net/xxxx-f140-478b-ac47-xxx/;;;org.opensaml.common. SAMLException: Response doesn't have any valid assertion which would pass subject validation Caused by: org.springframework.security.authentication.Credentials Expired Exception: Authentication statement is too old to be used with value 2018-04-30T.042Z Not just limited to Ping Fed and okta.
By navigating to Ping Fed and logging in there first instead of getting initially redirected from Spinnaker to Ping Fed, we have observed that the initial login attempt of the 'null' user does not occur.Abstract Authentication Processing Filter.successful Authentication(Abstract Authentication Processing Filter.java:331) at org.springframework.authentication.Abstract Authentication Processing Filter(Abstract Authentication Processing Filter.java:245) at org.springframework.Filter Chain Filter(Filter Chain Proxy.java:184) at org.springframework.
Filter Chain Proxy$Virtual Filter Filter(Filter Chain Proxy.java:330) at org.springframework.header.
This was operating successfully between Ping Fed & Gate originally.