Issue with SAML2 using Azure AD and Proxy server > Error message after successful login to Microsoft and back to Sage X3 login page: "Empty"!

SOLVED

Hi everyone,

I have a client who wants to use Azure AD SAML2 for their users and they also have a proxy server which sits between Sage X3 server and Authenticator. Between Sage X3 server and Proxy server I have activated connection via https and port 8124 using a self-signed certificate (which has been imported into Proxy server too). So in Sage Administration > Host setup, it is using https and has a certificate.

Connection to Sage X3 works internally and also over the internet (going through proxy server which uses https as well) using basic user/password method.

Below is the setup I have for SAML2:

When users try to access Sage X3 over the internet using the SAML2 method, they can successfully log into their Microsoft account using MFA > and once it is back to Sage X3, it is only back to login page with error message: "Empty" and no further explanation.

Activated the "Silly" option for Logging method SAML2 in Global setting and below is from Syracuse log file:

2023-07-04T04:25:07.419Z | 93222b8cf2d3 | | 22 | login.saml2 | info | SAML2 Login Callback /auth/saml2/SAGEX3AZURESSO/callback
2023-07-04T04:25:07.419Z | 93222b8cf2d3 | | 22 | login.saml2 | debug | Incoming GET
2023-07-04T04:25:07.419Z | 93222b8cf2d3 | | 22 | login.auth | error | 404 Empty undefined
2023-07-04T04:25:07.420Z | 93222b8cf2d3 | | 22 | login.auth | error | dispatcher /auth/saml2/SAGEX3AZURESSO/callback Empty Error: Empty
at error (F:\Sage\SyracuseComponent\syracuse\bin\node_modules\@sage\syracuse-lib\src\auth\helpers.jsc:14:17)
at Object.loginCallback (F:\Sage\SyracuseComponent\syracuse\bin\node_modules\@sage\syracuse-lib\src\auth\saml2.jsc:252:38)
at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
at async callback (F:\Sage\SyracuseComponent\syracuse\bin\node_modules\@sage\syracuse-lib\src\auth\saml2.jsc:432:17)
at async F:\Sage\SyracuseComponent\syracuse\bin\node_modules\@sage\syracuse-lib\src\auth\helpers.jsc:196:21
at async dispatch (F:\Sage\SyracuseComponent\syracuse\bin\node_modules\@sage\syracuse-lib\src\auth\saml2.jsc:495:13)
at async F:\Sage\SyracuseComponent\syracuse\bin\node_modules\@sage\syracuse-lib\src\auth\helpers.jsc:196:21
at async F:\Sage\SyracuseComponent\syracuse\bin\node_modules\@sage\syracuse-lib\src\http\httpRequestOverrider.jsc:34:20
at async F:\Sage\SyracuseComponent\syracuse\bin\node_modules\@sage\syracuse-lib\src\streamlineLib\ez-streams\node-wrappers.es5:605:13
at async WebServerRouter.dispatchRequest (F:\Sage\SyracuseComponent\syracuse\bin\node_modules\@sage\syracuse-lib\src\webServer\webServerRouter.jsc:630:21)
at async F:\Sage\SyracuseComponent\syracuse\bin\node_modules\@sage\syracuse-lib\src\webServer\webServerProcess.jsc:143:21

When checking Azure AD > Enterprise application for Sage X3 logs, everything looks good and verifies that a connection request came in and out successfully. The fact that we are back to Sage X3 login page also indicates that the proxy server to Azure AD is not the problem. Any help or advice on where else I should be looking to rectify this issue would be highly appreciated.

Re,

Victor
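
A way to read log excerpts like the one above mechanically, as an added example (not part of the original post and not Sage code): it groups each SAML2 callback with the HTTP method Syracuse logged for it and the errors that followed. The column meanings (host id in column 2, worker id in column 4) and the function names are assumptions drawn from the excerpt.

```python
# Added example: triage of Syracuse SAML2 callback log entries.
# Assumed column layout: time | host | (empty) | worker | module | level | message

# Log lines copied from the post (stack trace shortened to its first frame).
SAMPLE_LOG = r"""
2023-07-04T04:25:07.419Z | 93222b8cf2d3 | | 22 | login.saml2 | info | SAML2 Login Callback /auth/saml2/SAGEX3AZURESSO/callback
2023-07-04T04:25:07.419Z | 93222b8cf2d3 | | 22 | login.saml2 | debug | Incoming GET
2023-07-04T04:25:07.419Z | 93222b8cf2d3 | | 22 | login.auth | error | 404 Empty undefined
2023-07-04T04:25:07.420Z | 93222b8cf2d3 | | 22 | login.auth | error | dispatcher /auth/saml2/SAGEX3AZURESSO/callback Empty Error: Empty
at error (F:\Sage\SyracuseComponent\syracuse\bin\node_modules\@sage\syracuse-lib\src\auth\helpers.jsc:14:17)
""".strip()


def parse_line(line):
    """Return the fields of one log entry, or None for continuation lines."""
    parts = [p.strip() for p in line.split("|", 6)]
    if len(parts) != 7 or not parts[0][:4].isdigit():
        return None  # stack-trace frames and blank lines carry no columns
    ts, host, _, worker, module, level, msg = parts
    return {"ts": ts, "key": (host, worker), "module": module, "level": level, "msg": msg}


def summarize_callbacks(text):
    """Group each SAML2 callback with its logged HTTP method and later errors."""
    open_cb, results = {}, []
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        if rec["module"] == "login.saml2" and rec["msg"].startswith("SAML2 Login Callback "):
            cb = {"time": rec["ts"], "path": rec["msg"].split()[-1], "method": None, "errors": []}
            open_cb[rec["key"]] = cb  # newest callback for this host/worker pair
            results.append(cb)
        elif rec["key"] in open_cb:
            cb = open_cb[rec["key"]]
            if rec["module"] == "login.saml2" and rec["msg"].startswith("Incoming "):
                cb["method"] = rec["msg"].split()[1]
            elif rec["level"] == "error":
                cb["errors"].append(f'{rec["module"]}: {rec["msg"]}')
    return results


if __name__ == "__main__":
    for cb in summarize_callbacks(SAMPLE_LOG):
        print(cb["time"], cb["method"], cb["path"])
        for err in cb["errors"]:
            print("   ", err)
```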