ComponentSpace

Forums



Debugging System.ArgumentNullException


Debugging System.ArgumentNullException

Author
Message
BmH
BmH
New Member
New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)

Group: Forum Members
Posts: 5, Visits: 8
Got an error that's giving us a full-stop when the idp is calling the AssertionConsumerService after login. Can you provide any pointers for debugging this?


dbug: ComponentSpace.Saml2.Bindings.Post.HttpPostBinding[0]
  The SAML message has been received over HTTP-Post.
fail: ComponentSpace.Saml2.SamlServiceProvider[100]
  Receiving an SSO response from a partner identity provider has failed.
ComponentSpace.Saml2.Exceptions.SamlSchemaValidationException: SAML XML schema validation failed. ---> System.ArgumentNullException: Value cannot be null.
Parameter name: input
 at System.Xml.XmlReaderSettings.CreateReader(Stream input, Uri baseUri, String baseUriString, XmlParserContext inputContext)
 at ComponentSpace.Saml2.Utility.SamlSchemaValidator.Validate(XmlElement xmlElement) in /opt/app-root/src/ComponentSpace/Utility/SamlSchemaValidator.cs:line 83
 --- End of inner exception stack trace ---
 at ComponentSpace.Saml2.Utility.SamlSchemaValidator.Validate(XmlElement xmlElement) in /opt/app-root/src/ComponentSpace/Utility/SamlSchemaValidator.cs:line 93
 at ComponentSpace.Saml2.SamlProvider.ValidateMessage(XmlElement messageElement) in /opt/app-root/src/ComponentSpace/SamlProvider.cs:line 375
 at ComponentSpace.Saml2.SamlServiceProvider.ReceiveSsoAsync() in /opt/app-root/src/ComponentSpace/SamlServiceProvider.cs:line 192
dbug: ComponentSpace.Saml2.Authentication.SamlAuthenticationHandler[0]
  An exception has been caught by the SAML authentication handler.
ComponentSpace.Saml2.Exceptions.SamlSchemaValidationException: SAML XML schema validation failed. ---> System.ArgumentNullException: Value cannot be null.


And the init code from my Startup.cs file:


private void ConfigureSaml(SamlConfigurations samlConfigurations)
   {
    samlConfigurations.Configurations = new List<SamlConfiguration>()
    {
      new SamlConfiguration()
      {
       LocalServiceProviderConfiguration = new LocalServiceProviderConfiguration()
       {
        Name = "https://saml.test.domain",
        Description = "Example Service Provider",
        AssertionConsumerServiceUrl = "https://saml.test.domain/SAML/AssertionConsumerService",
        SingleLogoutServiceUrl = "https://saml.test.domain/SAML/SingleLogoutService",
        ArtifactResolutionServiceUrl = "https://saml.test.domain/SAML/ArtifactResolutionService",

        LocalCertificates = new List<Certificate>()
        {
          new Certificate()
          {
           FileName = "Certificates/cert.pfx",
           Password = "passwordremoved"
          }
        }
       },
       PartnerIdentityProviderConfigurations = new List<PartnerIdentityProviderConfiguration>()
       {
        new PartnerIdentityProviderConfiguration()
        {
          Name = "http://sts.testad.local/adfs/services/trust",
          Description = "ADFS",
          SignAuthnRequest = true,
          SignLogoutRequest = true,
          SignLogoutResponse = true,
          WantAssertionEncrypted = true,
          WantLogoutResponseSigned = true,
          SingleSignOnServiceUrl = "https://sts.testad.local/adfs/ls/",
          SingleLogoutServiceUrl = "https://sts.testad.local/adfs/ls/?wa=wsignout1.0",
          ArtifactResolutionServiceUrl = "https://sts.testad.local/adfs/services/trust/artifactresolution/",
          PartnerCertificates = new List<Certificate>()
          {
           new Certificate()
           {
            FileName = "certificates/testad.local.signing.cer"
           }
          }
        }
       }
      }
    };
   }

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Thanks for the information. The issue is related to validating the receive SAML message against the SAML XML schema.
Please enable SAML trace and send the generated log file as an email attachment to [email protected] mentioning your forum post.
https://www.componentspace.com/Forums/7936/Enabling-SAML-Trace



Regards
ComponentSpace Development
BmH
BmH
New Member
New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)

Group: Forum Members
Posts: 5, Visits: 8
ComponentSpace - 8/23/2019
Thanks for the information. The issue is related to validating the receive SAML message against the SAML XML schema.
Please enable SAML trace and send the generated log file as an email attachment to [email protected] mentioning your forum post.
https://www.componentspace.com/Forums/7936/Enabling-SAML-Trace


I'll see what I can do. I'm not familiar with Serilog and our server runtime images are dynamically generated in git/openstack, which limits our ability to generate application-level logfiles on the fs. I'll see if I can get it to write to the console and capture it from there. 


ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
We use the standard Microsoft logging. It doesn't necessarily have to be configured to use Serilog. The console capture will be fine. We just need the logging from when the SAML message is received through to the exception. Thanks.

Regards
ComponentSpace Development
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
What operating system are you using?
This may be an issue related to Assembly.GetExecutingAssembly().GetManifestResourceStream.
Once you've captured the log and while we investigate, you can workaround the issue by setting the LocalServiceProviderConfiguration.DisableSchemaCheck to true.

Regards
ComponentSpace Development
BmH
BmH
New Member
New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)New Member (7 reputation)

Group: Forum Members
Posts: 5, Visits: 8
BmH - 8/23/2019
ComponentSpace - 8/23/2019
Thanks for the information. The issue is related to validating the receive SAML message against the SAML XML schema.
Please enable SAML trace and send the generated log file as an email attachment to [email protected] mentioning your forum post.
https://www.componentspace.com/Forums/7936/Enabling-SAML-Trace


I'll see what I can do. I'm not familiar with Serilog and our server runtime images are dynamically generated in git/openstack, which limits our ability to generate application-level logfiles on the fs. I'll see if I can get it to write to the console and capture it from there. 


CentOS 7. I'm working on the capture, but it may be a little while until I can email it in. 

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Thanks.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search