When SAML is enabled in System Manager, the MFA process runs but returns the error "Authorization failed for the resource at /sysmgr/v4/"
Applies to
Data ONTAP 9.9.9.1P9
Issue
- When SAML is enabled, the MFA process proceeds, but authentication fails with the error:
SAML Service Provider Authorization Failed
The SAML service provider did not identify the user that was authenticated. Ensure that the SAML identity provider is configured to include in its assertion a "uid" attribute (SAML name "urn:oid:0.9.2342.19200300.100.1.1") whose value matches the service provider user name.
Authorization failed for the resource at "/sysmgr/v4/"
- In the .json return, we see that attrname-format is basic.
<saml:Attribute Name=\"urn:oid:0.9.2342.19200300.100.1.1\" NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:basic\"> <saml:AttributeValue xsi:type=\"xs:string\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">EXAMPLEUSERNAME </saml:AttributeValue> </saml:Attribute>
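
To compare what the identity provider sent with what the error message asks for, the following added example (not NetApp code) unescapes a fragment like the one above, locates the attribute whose Name is the "uid" OID, and reports its NameFormat and values against the service provider user name. The function name `inspect_uid_attribute` and the result keys are hypothetical; the sample input is the fragment shown on this page.

```python
import json
import xml.etree.ElementTree as ET

SAML_NS = "urn:oasis:names:tc:SAML:2.0:assertion"
UID_OID = "urn:oid:0.9.2342.19200300.100.1.1"  # SAML name of "uid" per the error text

# Fragment as it appears in the .json return above (quotes still JSON-escaped).
SAMPLE = (
    r'<saml:Attribute Name=\"urn:oid:0.9.2342.19200300.100.1.1\" '
    r'NameFormat=\"urn:oasis:names:tc:SAML:2.0:attrname-format:basic\"> '
    r'<saml:AttributeValue xsi:type=\"xs:string\" '
    r'xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" '
    r'xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\">EXAMPLEUSERNAME '
    r'</saml:AttributeValue> </saml:Attribute>'
)


def inspect_uid_attribute(fragment, sp_user_name):
    """Report how the IdP sent the uid attribute (hypothetical helper)."""
    # Undo JSON string escaping (\" -> "); strict=False tolerates raw newlines.
    xml_text = json.loads('"' + fragment + '"', strict=False)
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("refusing XML with DTD/entity declarations")
    # The fragment relies on xmlns:saml declared on an ancestor element,
    # so wrap it in a root that binds the prefix before parsing.
    root = ET.fromstring('<wrap xmlns:saml="%s">%s</wrap>' % (SAML_NS, xml_text))
    findings = []
    for attr in root.iter("{%s}Attribute" % SAML_NS):
        if attr.get("Name") != UID_OID:
            continue
        values = [v.text or "" for v in attr.iter("{%s}AttributeValue" % SAML_NS)]
        findings.append({
            "name_format": attr.get("NameFormat"),
            "values": values,
            # The error text requires the value to match the SP user name.
            "exact_match": sp_user_name in values,
            "match_ignoring_whitespace": sp_user_name in [v.strip() for v in values],
        })
    return findings


if __name__ == "__main__":
    for finding in inspect_uid_attribute(SAMPLE, "EXAMPLEUSERNAME"):
        print(finding)
```

An empty result means no attribute with the "uid" OID name was present in the fragment.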