EasySSO Bamboo SAML Authenticator - Users unable to log in

Symptoms:

EasySSO for Bamboo is installed and you are using the SAML authenticator
SAML Login Redirect binding is being used
EasySSO SAML configured to create new users on login, or update group membership on login
When logging in and new user would be created, or group membership would be changed, the user is unable to login and the following exception appears on the screen
java.lang.IllegalStateException: XSRF: A mutative operation was attempted on InternalUser within a non-mutative HTTP request:

Bamboo has very thorough XSRF checks which prevents any database changes at all on GET requests.

Since the redirect binding causes the browser to make a GET request which updates user details, Bamboo rejects the request.

Use the POST binding type for SAML login.

New Zealand Home Ideas Centre Level 2, 10 Hutt Road, Petone, Wellington PO Box 38906 WMC Box Lobby Lower Hutt 5045	Australia Co-Hort Innovation Space, 16 Nexus Way, Southport, QLD PO Box 1403, Macquarie Centre, North Ryde, NSW 2113
0800 TECHTIME +64 4 570 0048	1800 BE LAZY +61 7 3074 9404
support@techtime.co.nz	info@techtime-initiative.com.au