Troubleshooting
Unable to Login
No Security groups configured
You may receive the following message:
ERROR: The username john.smith@simplelists.com does not have security groups that allow access to Simplelists
This means that you have defined the Attribute for group name in Simplelists but you did not define any groups. Either define groups or remove the Attribute for group name setting in the Simplelists authentication settings.
Incorrect cacert file loaded
Simplelists will present a message if the cacert that you loaded is not the correct one (the one that signed the SAML2 message).
Follow the steps for your Identity provider to download the correct signing certificate and the upload it again to the Simplelists authentication method following the Simplelists configuration information.
How can I see the SAML2 Assertion
The browser handles the transmission of the SAML messages between the Simplelists website and the Azure server. The best way to review the messages is to use a SAML decoder extension for your browser.
There are a number of SAML decoding extensions available for various browsers.
SAML Message Decoder is a Google Chrome extension that allows you to see the messages. It automatically decodes the base64 message and shows the XML data that is being passed between the ADFS server and the Simplelists website. It is possible that you will need to install this or a similar extension when you are troubleshooting your SAML setup.
Note that you should disable these extensions when not troubleshooting. We have not seen any issues but it is a third-party extension that has access to your decoded authentication token.
Simplelists Panics
There are currently no known cases that cause the Simplelists application to output a panic message. However, if you do encounter one please contact Send an email!
Encrypted Assertions are failing
Encrypted assertions require that the Message and the Assertion are signed.
Please review the documentation for your Identity Provider to determine the configuration required to Sign the Message and the Assertion
How to disable Encrypted Assertions
Please review the documentation for your Identity Provider to determine the configuration required to enable/disable encrypted assertions. Simplelists simply decodes what is sent to it if it is properly encrypted.