Test the SAML pass through application

To test a SAML pass through application, we first enable debug and start monitoring and then test the application normally. The following topics describe the process.


Configure application for testing

To enable debug for application testing:

  1. Navigate to the Access Gateway Admin UI console
  2. From the Topology tab or the Applications tab, open the application.
  3. Select the Settings pane.
  4. Expand the Advanced sub-tab.
  5. Set the Debug toggle to Enable.
    The debug toggle, which can be found in the Advanced application settings.
  6. Click Done.
  7. When debugging applications: Consider testing attributes with static known good values. For example, change dynamic IDP based fields to static with known good values.
    When debugging policy based applications: Test with no policy or open policy first.

Configure Access Gateway for debug and monitoring

You can optionally configure Access Gateway Management console to output a running display of all system log messages.

To enable this debugging mode and monitor Access Gateway:

  1. Open a terminal and use SSH to connect to the Access Gateway Management console (ssh oag-mgmt@gw-admin.<domain.tld>).
  2. Enter 4 - Monitoring.
  3. Enter 2 - Enable Debug.
  4. Enter 1 - Monitor logs. This starts the running display of all log messages.

Return to the Access Gateway Admin UI console console. You can test your application and examine the results in the running logs. Use[ctrl][c] to exit the log display.

See Monitor for more details about monitoring, including a list of available commands.

The debug logging level rapidly generates log messages. Always disable debug logging when you've finished examining the logs.

Not disabling debug logging can lead to rapid log file growth, which can result in errors due to lack of storage space.

Test application

Test application

  1. Connect to your Okta org as a user in the group associated with the bookmark application created in task Add an Okta bookmark application.
  2. Click the bookmark application icon to connect to the SAML application.
  3. Repeat as required to test.

Disable application and Access Gateway debug

If displaying debug statements at the command line:

  1. Return to the Access Gateway Management console.
  2. Enter [ctrl][c] to exit the log display.
  3. Enter 3 - Disable debug.
  4. Exit the command line console

If application debug is enabled:

  1. Return to the Access Gateway Admin UI console
  2. Navigate to the application being tested
  3. Expand the Setting sub tab.
  4. Expand the Essentials sub tab.
  5. Return the Protected Web Resource field back to its original value.
  6. Expand the Advanced sub tab.
  7. Set the Debug toggle to Disable.
  8. Save your changes.