PingFederate Server

Resolving service-related errors

Resolve the Unexpected System Error message and partner not active status.

If a user encounters an Unexpected System Error message with a reference code, ask the user for the reference code and search for the value in the server log. The log message should help determine the root cause, which usually requires a configuration change.

If a user encounters a partner not active status, select Active in the Connection Status section and click Save on the Activation & Summary window for the connection.

Example

Unexpected System Error

When a PingFederate identity provider (IdP) server receives a SAML AuthnRequest message through the redirect binding, but such SAML profile is not selected in the applicable service provider (SP) connection, PingFederate replies with an Unexpected System Error response with a reference code and logs an error message similar to the following entry.

2015-12-03 15:43:52,936 ERROR [org.sourceid.servlet.ErrorServlet] Top level error (ref#kwlqbn): javax.servlet.ServletException: org.sourceid.saml20.bindings.BindingException: Incoming binding urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect is not enabled for (SP) ::: sp1

In this sample log message, kwlqbn is the reference code.

Solution

Update the applicable SP connection to allow the Redirect binding for inbound messages from the SP. This works if the redirect binding is one of the mutually-agreed SAML bindings that both parties use. Alternatively, the SP can send SAML AuthnRequest messages through an allowable SAML binding based on the configuration of your SP connection.