UAA integrate with ADFS

Tina Zhang


We have a Cloud Foundry v197 environment and want to integrate the UAA server with our existing ADFS. But the UAA server does not work properly when we change uaa.yml from spring_profiles: postgresql to spring_profiles: default. We want to know the steps to integrate UAA with MS ADFS.

We have modified the UAA server as follows:

1. In uaa.yml, change spring_profiles: postgresql to spring_profiles: default

name: uaa

url: jdbc:postgresql://
username: uaaadmin
password: "c1oudc0w"

spring_profiles: default
#spring_profiles: postgresql

config: /var/vcap/jobs/uaa/config/


2. In login.yml, add:
entityID: https://XXXX/adfs/services/trust
nameID: 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'
assertionConsumerIndex: 0
signMetaData: true
signRequest: true
connectionManagerTimeout: 10000
soTimeout: 10000
idpMetadata: https://XXXX/FederationMetadata/2007
nameID: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
assertionConsumerIndex: 0
signMetaData: false
signRequest: false
showSamlLoginLink: true

The error from uaa.log is as follows. Changing spring_profiles: postgresql to default causes openid not to be identified.

[2015-07-21 22:42:46.001] uaa - 9927 [localhost-startStop-1] .... ERROR --- YamlConfigurationValidator: Failed to load YAML validation bean. Your YAML file may be invalid.
Can't construct a java object for,2002:org.cloudfoundry.identity.uaa.UaaConfiguration; exception=Cannot create property=oauth for JavaBean=org.cloudfoundry.identity.uaa.UaaConfiguration@38ad5581; Cannot create property=openid for JavaBean=org.cloudfoundry.identity.uaa.UaaConfiguration$OAuth@40615f24; Unable to find property 'openid' on class: org.cloudfoundry.identity.uaa.UaaConfiguration$OAuth
in 'string', line 1, column 1:

What are the steps to integrate the Cloud Foundry UAA server with MS ADFS?

