Hello everyone,
We are currently experimenting outbound firewall authentication with Azure AD as a SAML IdP. Here is the cookbook :
Everything is working fine but we have strange issue with Google Chrome and Brave. After the user athentication, the user get stuck on this page and he's not redirected to the original request / URL like it did on Firefox and Edge for example.
Chrome :
Brave :
As you can see, the user get stuck on the exact same URL, blank page and the TAB is not closing : https://login.microsoftonline.com/common/SAS/ProcessAuth
For us it's not a big deal, you close this TAB and firewall rules are well applies based on your Azure AD dynamic(s) group(s). But, we already know that it will be a big issue for our users...
We have check multiple settings but everything seems fine... Am I missing something or it's a bug comming from Chrome and Brave ?
Regards,
Louis
Hi @LouisG
You can run the below debug command on FGT CLI and SAML tracer on chrome ,to get more info about the redirection on Saml authentication debugs.
diag debug console timestamp enable
diag debug app samld -1
diag debug enable
Have you found a solution or any clues? I have the same issue on Forti OS 7.2.8 but it seems to happend on any browser(Edge share the same behavior). Been trying to dig around for more information but there is only your post that pop on search engine.
I also tried to do some SAML debugging, but the transactions does not give any error nor seems abnormal.
Thanks
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.