Jump to content
Welcome to our new Citrix community!

SAML Auth through Netscaler using Azure IDP - Cannot complete request - event id 10


Recommended Posts

My frustration is clear on this one. I am coming remotely and hitting the netscaler(12.1 latest fw) which has the azure saml policy set up so of it goes to azure and the mfa works perfectly then back to netscaler and on to storefront. This is where we get the cannot complete request. 

 

The error message on storefront is:

A CitrixAGBasic Login request has failed.

Citrix.DeliveryServicesClients.Authentication.AG.AGAuthenticatorException, Citrix.DeliveryServicesClients.Authentication, Version=3.12.0.0, Culture=neutral, PublicKeyToken=null

Authenticate encountered an exception.

   at Citrix.DeliveryServicesClients.Authentication.AG.AGAuthenticator.Authenticate(HttpRequestBase clientRequest, Boolean& passwordSupplied)

   at Citrix.Web.AuthControllers.Controllers.GatewayAuthController.Login()

 

System.Net.WebException, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

The remote server returned an error: (403) Forbidden.

Url: https://127.0.0.1/Citrix/CitrixMFAAuth/CitrixAGBasic/Authenticate

ExceptionStatus: ProtocolError

ResponseStatus: Forbidden

   at System.Net.HttpWebRequest.GetResponse()

   at Citrix.DeliveryServicesClients.Utilities.HttpHelpers.ReceiveResponse(HttpWebRequest req)

   at Citrix.DeliveryServicesClients.Authentication.TokenIssuingClient.RequestToken(String url, RequestToken requestToken, String primaryToken, String languages, CookieContainer cookieContainer, IEnumerable`1 acceptedResponseTypes, IDictionary`2 additionalHeaders)

   at Citrix.DeliveryServicesClients.Authentication.AG.AGAuthenticator.Authenticate(HttpRequestBase clientRequest, Boolean& passwordSupplied)

 

ive checked all the settings and certificates and they all look good. I can log into the store internally so this only happens externally. Any advice very welcome. 

Link to comment
Share on other sites

  • 1 year later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...