SAML2.0 Authentication Using SAML Only Works After Refreshing The Page
Have you faced issue with SAP application URL access like WebGUI or FIORI Launchpad or SOAMANAGER where SAML authentication only works after two plus attempts of page refresh? If yes, then you are at right place. This issue is common after SP or SPS upgrade in SAP system i.e. SAML2.0 Authentication Using SAML Only Works After Refreshing The Page.
How to Address the Issue
There are several reasons why this happens. All the possibilities are discussed in Configuring ICF Services for SAML Authentication. Please visit this help.sap.com page for more details. In summary this issue occurs because SPS or SP upgrade reset the priority of SAML logon procedure to default one i.e. place 7 or 8 in list of logon procedures.
To Solve this issue, please follow below steps.
- Display the ICF service using transaction SICF
- Open the tab page “Logon Data”
- Change the ‘Procedure’ to ‘Alternative Logon Procedure’
- Make sure that, in “Logon Procedure List” area, “SAML Logon” has higher priority than other failed logon methods. It’s best to set SAML to 1 so that it will have top priority.
- Save the changes, it may ask for TR to capture changes.
Note : You may need Client open and System status as Modifiable before executing this activity.
Reference : SAP Note 2544739