FusionAuth
    • Home
    • Categories
    • Recent
    • Popular
    • Pricing
    • Contact us
    • Docs
    • Login
    1. Home
    2. james.hudson
    J
    • Profile
    • Following 0
    • Followers 0
    • Topics 2
    • Posts 2
    • Best 0
    • Controversial 0
    • Groups 0

    james.hudson

    @james.hudson

    0
    Reputation
    1
    Profile views
    2
    Posts
    0
    Followers
    0
    Following
    Joined Last Online
    james.hudson Unfollow Follow

    Latest posts made by james.hudson

    • SAML authnRequest exception

      Hello,

      I am trying to implement FusionAuth as idP for an application (SuiteCRM) and am getting an error at the redirect.

      I am running FusionAuth (1.62.1) in Docker for testing but get the same error on our staging instance.

      The error is:

      FusionAuth encountered an exception while processing the SAML v2 AuthnRequest.
The request originated from: 172.19.0.1.

SAMLRequest: PHNhbWxwOkF1dGhuUmVxdWVzdAogICAgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIKICAgIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iCiAgICBJRD0iT05FTE9HSU5fMjdiZTYyM2QwZTBjYzEwZWMyMzgyNjZlYWRlMmQwNDc2Nzk4MzEyZiIKICAgIFZlcnNpb249IjIuMCIKICAgIFByb3ZpZGVyTmFtZT0iRXhhbXBsZSIKICAgIElzc3VlSW5zdGFudD0iMjAyNi0wMi0xOVQxNToxMzo1N1oiCiAgICBEZXN0aW5hdGlvbj0iaHR0cDovL2xvY2FsaG9zdDo5MDEzL3NhbWx2Mi9sb2dpbi9lZTBkOThiNS0wZDdjLTExZjEtODIwMC0zNjRkM2JmYzg5YWYiCiAgICBQcm90b2NvbEJpbmRpbmc9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpiaW5kaW5nczpIVFRQLVBPU1QiCiAgICBBc3NlcnRpb25Db25zdW1lclNlcnZpY2VVUkw9Imh0dHA6Ly9sb2NhbGhvc3Qvc2FtbC9hY3MiPgogICAgPHNhbWw6SXNzdWVyPmh0dHA6Ly9sb2NhbGhvc3Qvc2FtbC9sb2dpbjwvc2FtbDpJc3N1ZXI+CiAgICA8c2FtbHA6TmFtZUlEUG9saWN5CiAgICAgICAgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDp1bnNwZWNpZmllZCIKICAgICAgICBBbGxvd0NyZWF0ZT0idHJ1ZSIgLz4KPC9zYW1scDpBdXRoblJlcXVlc3Q+

Exception:
io.fusionauth.samlv2.domain.SAMLException: Invalid AuthnRequest. Inflating the bytes failed.
  at io.fusionauth.samlv2.util.SAMLTools.decodeAndInflate(SAMLTools.java:168)
  at io.fusionauth.samlv2.service.DefaultSAMLv2Service.parseRequestRedirectBinding(DefaultSAMLv2Service.java:641)
  at io.fusionauth.api.service.samlv2.DefaultSAMLv2ProviderService.parseAuthNRedirectRequest(DefaultSAMLv2ProviderService.java:314)
  at io.fusionauth.app.action.samlv2.LoginAction.lambda$get$0(LoginAction.java:101)
  at io.fusionauth.app.action.samlv2.BaseSAMLAction.handleSAMLException(BaseSAMLAction.java:111)
  at io.fusionauth.app.action.samlv2.LoginAction.get(LoginAction.java:98)
  at java.base/jdk.internal.reflect.DirectMethodHandleAccessor.invoke(DirectMethodHandleAccessor.java:103)
  at java.base/java.lang.reflect.Method.invoke(Method.java:580)
  at org.primeframework.mvc.util.ReflectionUtils.invoke(ReflectionUtils.java:443)
  at org.primeframework.mvc.action.DefaultActionInvocationWorkflow.execute(DefaultActionInvocationWorkflow.java:77)
  at org.primeframework.mvc.action.DefaultActionInvocationWorkflow.perform(DefaultActionInvocationWorkflow.java:60)
  at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:50)
  at org.primeframework.mvc.message.DefaultMessageWorkflow.perform(DefaultMessageWorkflow.java:50)
  at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:50)
  at org.primeframework.mvc.validation.DefaultValidationWorkflow.perform(DefaultValidationWorkflow.java:45)
  at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:50)
  at org.primeframework.mvc.security.DefaultSecurityWorkflow.perform(DefaultSecurityWorkflow.java:60)
  at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:50)
  at org.primeframework.mvc.parameter.DefaultPostParameterWorkflow.perform(DefaultPostParameterWorkflow.java:49)
  at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:50)
  at org.primeframework.mvc.content.DefaultContentWorkflow.perform(DefaultContentWorkflow.java:74)
  at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:50)
  at org.primeframework.mvc.parameter.DefaultParameterWorkflow.perform(DefaultParameterWorkflow.java:58)
  at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:50)
  at org.primeframework.mvc.parameter.DefaultURIParameterWorkflow.perform(DefaultURIParameterWorkflow.java:92)
  at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:50)
  at org.primeframework.mvc.scope.DefaultScopeRetrievalWorkflow.perform(DefaultScopeRetrievalWorkflow.java:50)
  at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:50)
  at org.primeframework.mvc.action.DefaultActionMappingWorkflow.perform(DefaultActionMappingWorkflow.java:130)
  at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:50)
  at org.primeframework.mvc.security.DefaultSavedRequestWorkflow.perform(DefaultSavedRequestWorkflow.java:65)
  at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:50)
  at org.primeframework.mvc.cors.CORSRequestWorkflow.perform(CORSRequestWorkflow.java:68)
  at org.primeframework.mvc.workflow.SubWorkflowChain.continueWorkflow(SubWorkflowChain.java:50)
  at org.primeframework.mvc.workflow.DefaultMVCWorkflow.perform(DefaultMVCWorkflow.java:109)
  at org.primeframework.mvc.PrimeMVCRequestHandler.handle(PrimeMVCRequestHandler.java:76)
  at io.fusionauth.http.server.internal.HTTPWorker.run(HTTPWorker.java:183)
  at java.base/java.lang.VirtualThread.run(VirtualThread.java:329)
Caused by: java.util.zip.DataFormatException: invalid code lengths set
  at java.base/java.util.zip.Inflater.inflateBytesBytes(Native Method)
  at java.base/java.util.zip.Inflater.inflate(Inflater.java:376)
  at java.base/java.util.zip.Inflater.inflate(Inflater.java:470)
  at io.fusionauth.samlv2.util.SAMLTools.decodeAndInflate(SAMLTools.java:158)
  ... 37 more

      Using the Onelogin decoder tool (https://www.samltool.com/decode.php) the request seems valid and is shown below:

      <samlp:AuthnRequest
    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
    ID="ONELOGIN_5d10bafc7b1602cbb1ac37c509e360e855819860"
    Version="2.0"
    ProviderName="Example"
    IssueInstant="2026-02-19T14:49:55Z"
    Destination="http://localhost:9013/samlv2/login/ee0d98b5-0d7c-11f1-8200-364d3bfc89af"
    ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
    AssertionConsumerServiceURL="http://localhost/saml/acs">
    <saml:Issuer>http://localhost/saml/login</saml:Issuer>
    <samlp:NameIDPolicy
        Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
        AllowCreate="true" />
</samlp:AuthnRequest>

      In SuiteCRM I am following the directions in the manual here:
      [https://docs.suitecrm.com/8.x/admin/configuration/saml/8.7.0-saml-configuration/](link url)

      If anyone has any ideas what I am doing wrong?

      Thanks.

      posted in General Discussion
      J
      james.hudson
    • Configuring SMTP settings

      Hello,
      We have been using fusionauth for a while now but not utilised the email features for passwords etc.
      fusinauth is running as a docker instance on an IONOS server.
      I am trying to setup the SMTP settings as per the mannual and get the error when testing with the test button:
      bb0076fd-24aa-46d9-9a94-7a8c55ba7b6b-image.png
      I have tested the SMTP server configuration using the swaks tool as reccommended by many posts on the forum with a successful reply using this command:
      swaks --to mymail@address --from another@address --server smtp.office365.com --port 587 --auth LOGIN --auth-user <my_username> --auth-password <my_password> -tls
      I have checked with IONOS that the ports 25 & 587 are actually open.
      Not sure what else it could be. Does anyone have any ideas?

      posted in Q&A
      J
      james.hudson