Troubleshooting
If SSO is not working as expected, you may find useful information in the HMP log files. For example, look for valid session responses in nginx logs, or session creation data in the main HMP log (/opt/haivision/var/log/calypso.log
).
You can also look through the AD FS Events logs, and examine the SAML transactions via a browser trace tool, such as SAML tracer for FireFox, SAML Chrome Panel, or using Safari's Web Inspector.
Should the AD FS server not be available for some reason, point your browser to https://[hmp]/login
. This always displays the legacy HMP login screen, allowing access to the system using the haidamin credentials.
You may also be able to troubleshoot login issues by examining the associated browser data. Try both a legacy login and an SSO login using Chrome, and capture the HAR file for each attempt. To do this in Chrome open the web inspector (View > Developer > Developer Tools), and then click on the Network tab. Run the login tests, and then right click on any SAML-related request and choose "Save as HAR with content".