ComponentSpace

Forums



Reloading SAML configuration programmatically does not load the certificates


Reloading SAML configuration programmatically does not load the...

Author
Message
SomeSSOGuy
SomeSSOGuy
New Member
New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)

Group: Forum Members
Posts: 2, Visits: 5
Hello,
We have the possibility in our system to add new SPs dynamically.
When we do that we reload the SAMLConfiguration file.

Unfortunately we get an error when trying to login:

Unable to perform SSO request: An X.509 signature certificate for the partner service provider <newSP> hasn't been configured.


If I recycle the IIS pools, I can login successfully.

Our version: ComponentSpace.SAML2, Version=2.6.0.15
Our simplified code to reload:

var samlConfiguration = new SAMLConfiguration();
// Fill samlConfiguration
SAMLController.Configuration = samlConfiguration;


In the SAML logs I see the SPs being loaded and cached:

Loading the X.509 certificate from the file ...
The X.509 certificate with subject name xxx and serial number xxx has been loaded.
Caching the signature certificate for the default configuration partner service provider <newSP>
Caching the encryption certificate for the default configuration partner service provider <newSP>
The configured X.509 certificates have been successfully loaded.


But when updating the configuration during runtime, I only get:

The SAML configuration has been set.


And when trying to access the app I get the above error (X.509 signature not configured).

Am I missing something?

I have seen some .Net Core related code to reload the configuration, but I don't see it in our Asp.Net version.
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
In this earlier release we're not updating the certificate manager with the new SAML configuration.
After setting the new SAML configuration, please try the following.


using ComponentSpace.SAML2.Certificates;

SAMLController.CertificateManager = new CertificateManager(SAMLController.Configurations);



If there's still an issue, please send the complete SAML log file as an email attachment to [email protected] mentioning your forum post.

Note that for more recent releases this isn't an issue as the certificate manager makes a call back to get the current SAML configuration.

Regards
ComponentSpace Development
SomeSSOGuy
SomeSSOGuy
New Member
New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)

Group: Forum Members
Posts: 2, Visits: 5
ComponentSpace - 9/11/2019
In this earlier release we're not updating the certificate manager with the new SAML configuration.
After setting the new SAML configuration, please try the following.


using ComponentSpace.SAML2.Certificates;

SAMLController.CertificateManager = new CertificateManager(SAMLController.Configurations);



If there's still an issue, please send the complete SAML log file as an email attachment to [email protected] mentioning your forum post.

Note that for more recent releases this isn't an issue as the certificate manager makes a call back to get the current SAML configuration.

Thanks a lot for your answer, this indeed fixed my issue!

Have a nice day :)
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
You're very welcome.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search