Due to variations in how different vendors implement roles, you may need to troubleshoot your SAML configuration when issues occur. Enabling debug-level logging is a useful starting point for diagnosing SAML-related problems.

  1. Open instance/ablapps/abl-app-name/conf/logging-ablapp.xml.

  2. Add the following logger entries:
    <logger name="org.springframework.security.saml2" level="DEBUG"/>
<logger name="org.opensaml" level="DEBUG"/>
<logger name=" PROTOCOL_MESSAGE " level="DEBUG"/>
  3. Save the file.
  4. Restart the application server for the changes to take effect.

Result:

The application server generates detailed SAML processing and protocol message information in the logs. Use this information to identify and troubleshoot configuration or integration issues with your SAML identity provider.