ComponentSpace

Forums



The required antiforgery cookie is not present


The required antiforgery cookie is not present

Author
Message
Arif
Arif
New Member
New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)

Group: Forum Members
Posts: 3, Visits: 2
Hello,
When I use SAML I get 

Microsoft.AspNetCore.Antiforgery.AntiforgeryValidationException: The required antiforgery cookie ".AspNetCore.Antiforgery.lUBs-Ula_fY" is not present.
 at Microsoft.AspNetCore.Antiforgery.Internal.DefaultAntiforgery.ValidateRequestAsync(HttpContext httpContext)
 at Microsoft.AspNetCore.Mvc.ViewFeatures.Internal.ValidateAntiforgeryTokenAuthorizationFilter.OnAuthorizationAsync(AuthorizationFilterContext context)
Microsoft.AspNetCore.Mvc.RazorPages.Internal.PageActionInvoker:Information: Authorization failed for the request at filter 'Microsoft.AspNetCore.Mvc.ViewFeatures.Internal.AutoValidateAntiforgeryTokenAuthorizationFilter'.
Microsoft.AspNetCore.Mvc.StatusCodeResult:Information: Executing HttpStatusCodeResult, setting HTTP status code 400
Microsoft.AspNetCore.Mvc.RazorPages.Internal.PageActionInvoker:Information: Executed page /SAML/AssertionConsumerService in 89.0379ms
Microsoft.AspNetCore.Routing.EndpointMiddleware:Information: Executed endpoint 'Page: /SAML/AssertionConsumerService'
Microsoft.AspNetCore.Hosting.Internal.WebHost:Information: Request finished in 140.6963ms 400

Do you have any suggestions for that?

Do you have any suggestions for that?

28/5000Do you have any suggestions for that?

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (3.9K reputation)ComponentSpace Development (3.9K reputation)ComponentSpace Development (3.9K reputation)ComponentSpace Development (3.9K reputation)ComponentSpace Development (3.9K reputation)ComponentSpace Development (3.9K reputation)ComponentSpace Development (3.9K reputation)ComponentSpace Development (3.9K reputation)ComponentSpace Development (3.9K reputation)

Group: Administrators
Posts: 2.8K, Visits: 8.8K
An antiforgery validation exception occurs if an HTML form with an antiforgery hidden form variable is received but the corresponding antiforgery cookie is not. This is configured through the @Html.AntiForgeryToken() directive in the HTML form.

SAML messages sent using the HTTP-Post binding are received as post data (ie equivalent to posting HTML form variables). However, the post shouldn't include an antiforgery hidden form variable. Our SAML API doesn't include antiforgery hidden form variables.

Can you reproduce the issue using the ExampleIdentityProvider and ExampleServiceProvider projects we ship?

Assuming you can't, I suggest comparing these projects with your application.

If there's still an issue, please zip up a simple project demonstrating the issue and email it to [email protected] mentioning your forum post.

Regards
ComponentSpace Development
Arif
Arif
New Member
New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)

Group: Forum Members
Posts: 3, Visits: 2
ComponentSpace - 9/19/2019
An antiforgery validation exception occurs if an HTML form with an antiforgery hidden form variable is received but the corresponding antiforgery cookie is not. This is configured through the @Html.AntiForgeryToken() directive in the HTML form.

SAML messages sent using the HTTP-Post binding are received as post data (ie equivalent to posting HTML form variables). However, the post shouldn't include an antiforgery hidden form variable. Our SAML API doesn't include antiforgery hidden form variables.

Can you reproduce the issue using the ExampleIdentityProvider and ExampleServiceProvider projects we ship?

Assuming you can't, I suggest comparing these projects with your application.

If there's still an issue, please zip up a simple project demonstrating the issue and email it to [email protected] mentioning your forum post.



Arif
Arif
New Member
New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)

Group: Forum Members
Posts: 3, Visits: 2
ComponentSpace - 9/19/2019
An antiforgery validation exception occurs if an HTML form with an antiforgery hidden form variable is received but the corresponding antiforgery cookie is not. This is configured through the @Html.AntiForgeryToken() directive in the HTML form.

SAML messages sent using the HTTP-Post binding are received as post data (ie equivalent to posting HTML form variables). However, the post shouldn't include an antiforgery hidden form variable. Our SAML API doesn't include antiforgery hidden form variables.

Can you reproduce the issue using the ExampleIdentityProvider and ExampleServiceProvider projects we ship?

Assuming you can't, I suggest comparing these projects with your application.

If there's still an issue, please zip up a simple project demonstrating the issue and email it to [email protected] mentioning your forum post.

Hi Thanks for the response. I solved the problem by adding [IgnoreAntiforgeryToken (Order = 1001)]

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (3.9K reputation)ComponentSpace Development (3.9K reputation)ComponentSpace Development (3.9K reputation)ComponentSpace Development (3.9K reputation)ComponentSpace Development (3.9K reputation)ComponentSpace Development (3.9K reputation)ComponentSpace Development (3.9K reputation)ComponentSpace Development (3.9K reputation)ComponentSpace Development (3.9K reputation)

Group: Administrators
Posts: 2.8K, Visits: 8.8K
Thanks for the update.
May I ask exactly where you added this as it shouldn't be necessary?

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Social Logins

Select a Forum....









Forums, Documentation & Knowledge Base - ComponentSpace


Search