Problem solve Get help with specific problems with your technologies, process and projects.

How to install a new router to prevent single sign-on problems

Are you receiving router pop-up messages telling you that it is "Unable to do single sign-on or federation"? In this expert response, learn what you need to do to get your router back on track.

I recently installed a new router, and now, when trying to access external Web apps, I get the message "Unable to do a single sign-on or federation." Why might this be?

In this case, it looks like your router is trying to perform a SAML V2.0 single sign-on. SAML stands for Security Assertion Markup Language, and is an XML-based standard for communicating identity information between organizations. The primary function of SAML is to provide Internet single sign-on for organizations looking to securely connect to Internet applications that exist both inside and outside the safety of an organization's firewall. When using SAML to connect to a Web-based application, a handshaking dialogue takes place to establish the secure single sign-on; this is known as an HTTP POST profile. Somewhere within this handshake, the requester is missing the private key needed for the protocol.

There are several solutions: You can input the XML string, or the ID value, or provide a private key. How you input this information will be specific to your particular router. It should just be a matter of reading the manual, calling the router manufacturer's tech support team or conducting an Internet search to resolve this problem.

For more information:

This was last published in December 2009

Dig Deeper on Single-sign on (SSO) and federated identity

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.