VMware

vCloud Director 10 breaks SAML Federation

Tested vCD 10 and found it the new login breaks all SAML Federations (System and Org). Finally got a confirmation today from VMware support that it’s indeed a known issue internally. This has not yet been updated to the vCD 10 release notes, but according to the information provided to me, this will be resolved in version 10.0.1.

In my testing scenario, i get the following error when accessing login page of an organization that has SAML enabled;
AssertionConsumerServiceIndex cannot be set when ProtocolBinding or AssertionConsumerServiceUrl are set.

The only known workaround to me is to use federation services login page to generate the token that is passed to vCD.


View Reddit by -Zimeon-View Source

Related Articles

2 Comments

  1. It’s not as if SAML on vCloud Director 9.7.x is any better… :/

    ​

    Is there a good community for discussing these type of “advanced” features? We’re having issues with VCD 9.7.3. and SAML authentication while using Google’s G Suite as an IDP. Strongly suspect it’s a vcloud implementation bug but have zero insight as we’re only a tenant (not a service provider).

Leave a Reply

Your email address will not be published. Required fields are marked *

Close