LPS-108070 introduced SAML SSO support for LAX cookies. However it also prevents the propagation of the entityId HTTP parameter which is sent on the first request to start IDP initiated SSO.
- Configure your portal instance as a SAML IDP, assumed to be at http://localhost:8080
- Remove all cookies for the same portal instance
- Request http://localhost:8080/c/portal/saml/sso?entityId=AnyValue
Expected result: UI shows "Unable to process SAML request" and system log states "Unknown peer entity ID AnyValue"
Actual result: System log states "org.opensaml.messaging.decoder.MessageDecodingException: No SAML message present in request"