Hi

I am trying to implement SAML2 Authentication from NAM 4.3 to OSP 5.0.0.

Initial setup done as per the guidelines outlined in https://www.netiq.com/documentation/.../b1ciypyj.html.
All certificates are in place.

Now the situation is, am using protected resources in NAM for IDM and OSP both. Authentication to OSP not happening and OSP throwing error:

"Too many login attempts in a short period of time. Please close the browser, open a new one, and begin a new authentication"

OSP Logs:

[OIDP]
Time: 2017-02-08T01:05:46.491+0800
Level: TRACE
Java Execution:
Class: com.novell.oidp.session.NIDPSession
Method: isAuthenticated
Line Number: -1
Thread: http-bio-8180-exec-6
Message: Session Id: 6d32657164b741a7a5e39df5fb372ad5-264F424B0B4753524E
Session has zero consumed authentications! Not Authenticated!
Authenticated: false

[OIDP]
Time: 2017-02-08T01:05:46.495+0800
Level: TRACE
Java Execution:
Class: com.novell.oidp.profile.LoginProfile
Method: getContract
Line Number: -1
Thread: http-bio-8180-exec-6
Message: Card Id: null
Local Card: null
Contract: null
Returning no contract because:
1) No contract was found AND
2) No specific cardId was specified!

[OIDP]
Time: 2017-02-08T01:05:46.505+0800
Level: TRACE
Java Execution:
Class: com.novell.oidp.authentication.AuthenticationManag er
Method: getCard
Line Number: -1
Thread: http-bio-8180-exec-6
Message: Could not find candidate authentication card with id: saml2-auth-card
Existing card ids are:
eIDPLogin
name-pwd-login
krb-login


[OIDP]
Time: 2017-02-08T01:05:46.505+0800
Level: TRACE
Java Execution:
Class: com.novell.oidp.profile.authentication.MethodProfi le
Method: A
Line Number: -1
Thread: http-bio-8180-exec-6
Message: Authenticated authentication class: com.novell.oidp.protocol.authentication.classes.ID PAuthenticationClass, Status: 6

[OIDP]
Time: 2017-02-08T01:05:46.505+0800
Level: TRACE
Java Execution:
Class: com.novell.oidp.profile.authentication.MethodProfi le
Method: A
Line Number: -1
Thread: http-bio-8180-exec-6
Message: Authentication Method SAML2 Method requires additional interaction.

Kindly let me know, if you have any workaround for it.

Thanx in advance.

--Dinesh