ComponentSpace

Forums



There is no pending service provider authentication request.


There is no pending service provider authentication request.

Author
Message
jamesn
jamesn
New Member
New Member (5 reputation)New Member (5 reputation)New Member (5 reputation)New Member (5 reputation)New Member (5 reputation)New Member (5 reputation)New Member (5 reputation)New Member (5 reputation)New Member (5 reputation)

Group: Awaiting Activation
Posts: 3, Visits: 12
I'm trying to create an Example Identity Provider that calls the WebForms/ExampleServiceProvider application provided by Component Space.

Here's my saml.config.  It's copied from the WebForms/ExampleIdentityProvider web config
:<?xml version="1.0"?>
[<SAMLConfiguration xmlns="urn:componentspace:SAML:2.0:configuration">
<IdentityProvider Name="https://ExampleIdentityProvider"
       Description="Example Identity Provider"
       LocalCertificateFile="Certificates\idp.pfx"
       LocalCertificatePassword="password"/>

<PartnerServiceProviders>
  <PartnerServiceProvider Name="https://ExampleServiceProvider"
          Description="Example Service Provider"
          WantAuthnRequestSigned="true"
          SignSAMLResponse="true"
          SignAssertion="false"
          EncryptAssertion="false"
          LocalCertificateStoreLocation="CurrentUser"
          AssertionConsumerServiceUrl="https://localhost:44338/SAML/AssertionConsumerService.aspx"
          SingleLogoutServiceUrl="https://localhost:44338/SAML/SLOService.aspx"
          PartnerCertificateFile="Certificates\sp.cer"/>
</PartnerServiceProviders>
</SAMLConfiguration>

I call InitiateSSO and SendSSO from my home controller.  I mocked the attributes from the example from Component Space:
public ActionResult Index()
   {
    ViewBag.Title = "Home Page";
    var userName = "testuser";

    IDictionary<string, string> attributes = new Dictionary<string, string>();
    attributes.Add("Email", "[email protected]");
    attributes.Add("GivenName", "Test");
    attributes.Add("FamilyName", "User");

     ComponentSpace.SAML2.Data.SessionIDDelegates.SecureSAMLCookie = false;
    var partnerName = "https://ExampleServiceProvider";
    string relayState = null;
    SAMLIdentityProvider.InitiateSSO(Response, userName, attributes, relayState, partnerName);
    SAMLIdentityProvider.SendSSO(Response, userName, attributes);
    return View();
The code throws the "There is no pending service provider authentication request." exception when it tries to call 
SAMLIdentityProvider.SendSSO(Response, userName, attributes);

Below is the SAML trace.  I'm completely stumped:


24584/10: 11/12/2019 11:06:48 AM: ComponentSpace.SAML2, Version=3.4.0.0, Culture=neutral, PublicKeyToken=16647a1283418145, .NET v4.6.2 build, Licensed.
24584/10: 11/12/2019 11:06:48 AM: CLR: 4.0.30319.42000, OS: Microsoft Windows NT 10.0.14393.0, Account: GHC-HMO\jniesen, Culture: English (United States)
24584/10: 11/12/2019 11:06:48 AM: Initializing the SAML environment.
24584/10: 11/12/2019 11:06:48 AM: Loading the SAML configuration file E:\repos\SAMLApps\ExampleIdentityProvider\ExampleIdentityProvider\saml.config.
24584/10: 11/12/2019 11:06:48 AM: SAML configuration:
<?xml version="1.0"?>
<SAMLConfiguration xmlns="urn:componentspace:SAML:2.0:configuration">
<IdentityProvider Name="https://ExampleIdentityProvider"
       Description="Example Identity Provider"
       LocalCertificateFile="Certificates\idp.pfx"
       LocalCertificatePassword="********"/>

<PartnerServiceProviders>
  <!-- MVC example -->
  <PartnerServiceProvider Name="https://ExampleServiceProvider"
          Description="Example Service Provider"
          WantAuthnRequestSigned="true"
          SignSAMLResponse="true"
          SignAssertion="false"
          EncryptAssertion="false"
          LocalCertificateStoreLocation="CurrentUser"
          AssertionConsumerServiceUrl="https://localhost:44338/SAML/AssertionConsumerService.aspx"
          SingleLogoutServiceUrl="https://localhost:44338/SAML/SLOService.aspx"
          PartnerCertificateFile="Certificates\sp.cer"/>
</PartnerServiceProviders>
</SAMLConfiguration>

24584/10: 11/12/2019 11:06:48 AM: The SAML configuration file has been successfully loaded.
24584/10: 11/12/2019 11:06:48 AM: SAML configuration changes in the directory E:\repos\SAMLApps\ExampleIdentityProvider\ExampleIdentityProvider are being monitored.
24584/10: 11/12/2019 11:06:48 AM: The SAML environment has been successfuly initialized.
24584/10: 11/12/2019 11:06:48 AM: The SAML_SessionId cookie with value 24bf7578-0c33-43b6-b339-0b6d9f8ac62c has been set.
24584/10: 11/12/2019 11:06:48 AM: Initiating SSO to the partner service provider https://ExampleServiceProvider.
24584/10: 11/12/2019 11:06:48 AM: Identity provider session (24bf7578-0c33-43b6-b339-0b6d9f8ac62c) state:
24584/10: 11/12/2019 11:06:48 AM: Retrieving the local identity provider signature certificates for the partner service provider https://ExampleServiceProvider.
24584/10: 11/12/2019 11:06:48 AM: Loading the X.509 certificate from the file E:\repos\SAMLApps\ExampleIdentityProvider\ExampleIdentityProvider\Certificates\idp.pfx.
24584/10: 11/12/2019 11:06:48 AM: The X.509 certificate with subject name CN=www.idp.com and serial number 74F0EBFE22358DB8433138F9558C9AF9 has been loaded.
24584/10: 11/12/2019 11:06:49 AM: The X.509 certificate with subject name CN=www.idp.com and serial number 74F0EBFE22358DB8433138F9558C9AF9 has been cached.
24584/10: 11/12/2019 11:06:49 AM: Generating an XML signature.
24584/10: 11/12/2019 11:06:49 AM: XML signature generation was successful.
24584/10: 11/12/2019 11:06:49 AM: Sending response over HTTP POST, targetURL=https://localhost:44338/SAML/AssertionConsumerService.aspx, samlMessage=<samlp
:Response ID="_2b3bdd0e-6bce-48e1-a2cd-7946118c7d46" Version="2.0" IssueInstant="2019-11-12T17:06:48.893Z"
Destination="https://localhost:44338/SAML/AssertionConsumerService.aspx" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"><saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
https://ExampleIdentityProvider</saml:Issuer><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /><Reference URI="#_2b3bdd0e-6bce-48e1-a2cd-7946118c7d46">
<Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<InclusiveNamespaces PrefixList="#default samlp saml ds xs xsi" xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" /></Transform></Transforms><DigestMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" /><DigestValue>l0BObMAzdrxHbnj6OmQQQ3ztomYf9BqkFH6cwh6vY2Y=</DigestValue></Reference></SignedInfo>
<SignatureValue>Is7orRMyjDLwVo4rOGU5jc0229BvaEfVzPBMqZzFBhKHCVUfPFDTCFexkzLfuFD754eeF2vQPtQjLfGC+VCqP8i3xusmfEy3QOVtFLgnf0c3yHLzWXoInYQ8luyS3843l93k0bs/SnDFuZkePE/H18A
HebLithiFDy6OqZRFFI3mro4uWf0jbHwobrOsRyyLZuFwyLqleBXt/1+ckbbkeh54Er0rHfreTagpJM/Zl7JmhlbAX3JugE7ZUXt2ny4LQ0QT5BrtbXBRS348uPNJQXagUypd29q5ZJBKeap+B7IWb9pSb62J+qRSJ0d9RzA
o6RWavcsSWFnKs4/I5lu6Gg==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIDATCCAemgAwIBAgIQdPDr/iI1jbhDMTj5VYya+TANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwt3d3cuaWRwL
mNvbTAeFw0xMzExMjIwODIwNTJaFw00OTEyMzExNDAwMDBaMBYxFDASBgNVBAMTC3d3dy5pZHAuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0XJRLDrcbSyqUd8XG4BgxObQMYLAk
ENlmJOsAEpl1xMabUiq1X4v0Fc8ZaCpUE3fFGENMEWgBjnQUUE0WtVUh5JPMsukolf9qljbJkCkvHXH3O4Uen7vA2oNQWt4bK96SpXADpZKFvpk4D7btKOgU/NamjiqwHI4fI8kFJKwKBJchRPUQdC4ljRRmGIrSnp
Y+t25/d3KGXwbe9Z2MGGy2hyA0tgOWuchIK+1vAKKBUh9nDEXfr80+xW680w5TqHyDcqbWvQsXXhH0yZLfINKNS6/IojHPsBy7tf36Ck9H5Pw+1PPu6NzBFSz5ZkC8KzrS6vuZXc/ImYrnheMQsqqQIDAQABo0sw
STBHBgNVHQEEQDA+gBD4dY4MCPEmG4sxZrcni8vtoRgwFjEUMBIGA1UEAxMLd3d3LmlkcC5jb22CEHTw6/4iNY24QzE4+VWMmvkwDQYJKoZIhvcNAQELBQADggEBABhak2aR84MCdyXO4AKOQvZybsCMdh
Rq2i1i0WhD4/xe7Ry5haC6TeXIp8Q4cC3MzsrDal74xHI714BW0loafpHAsXfd9EvkKTVaJ+1Zpe16+SsTL4upS1cGydigqwUzsdpGck4wI1moJ9477O+46If2gF27u9Cdk7Onxe/5dwLIxWmkVRdbQIH5GsKUeAjOdRQmy+
X1MX6KyRoaCwWGYwxi5Sa+r+3AtDvD4BX0EJGKFZeeM3J/yMpYh/75aN0cFQfDEdJ7C5NE0vonidE0QtIFvsoWtZUtur2fiW7yBxse38TPQsi2r6A6c/TZsZ5bq31yh3gr3kSN62H8iVKLQLA=</X509Certificate>
</X509Data></KeyInfo></Signature><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" /></samlp:Status><saml:Assertion Version="2.0"
ID="_dc72263c-319e-4801-ac7e-392dece5aef0" IssueInstant="2019-11-12T17:06:48.897Z" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Issuer>https://ExampleIdentityProvider</saml:Issuer>
<saml:Subject><saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">testuser</saml:NameID><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml:SubjectConfirmationData NotOnOrAfter="2019-11-12T17:09:48.899Z" Recipient="https://localhost:44338/SAML/AssertionConsumerService.aspx" /></saml:SubjectConfirmation></saml:Subject>
<saml:Conditions NotBefore="2019-11-12T17:03:48.897Z" NotOnOrAfter="2019-11-12T17:09:48.897Z"><saml:AudienceRestriction><saml:Audience>https://ExampleServiceProvider</saml:Audience>
</saml:AudienceRestriction></saml:Conditions><saml:AuthnStatement AuthnInstant="2019-11-12T17:06:48.9Z" SessionIndex="_dc72263c-319e-4801-ac7e-392dece5aef0"><saml:AuthnContext>
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement><saml:AttributeStatement><saml:Attribute
Name="Email"><saml:AttributeValue xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">[email protected]</saml:AttributeValue>
</saml:Attribute><saml:Attribute Name="GivenName"><saml:AttributeValue xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Test</saml:AttributeValue>
</saml:Attribute><saml:Attribute Name="FamilyName"><saml:AttributeValue xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">User</saml:AttributeValue>
</saml:Attribute></saml:AttributeStatement></saml:Assertion></samlp:Response>, relayState=
24584/10: 11/12/2019 11:06:49 AM: Sending form by HTTP Post:
<html>
  <body>
   <noscript>
    <p>
      Since your browser doesn't support JavaScript, you must press the Continue button to proceed.
    </p>
   </noscript>
   <form id="samlform" action="https://localhost:44338/SAML/AssertionConsumerService.aspx" method="post" target="_self">
    <div>
      <input type="hidden" name="SAMLResponse" value="PHNhbWxwOlJlc3BvbnNlIElEPSJfMmIzYmRkMGUtNmJjZS00OGUxLWEyY2QtNzk0NjExOGM3ZDQ2IiBWZXJzaW9uPSIyLjAiIElzc3VlSW5zdGF
udD0iMjAxOS0xMS0xMlQxNzowNjo0OC44OTNaIiB
EZXN0aW5hdGlvbj0iaHR0cHM6Ly9sb2NhbGhvc3Q6NDQzMzgvU0FNTC9Bc3NlcnRpb25Db25zdW1lclNlcnZpY2UuYXNweCIgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0
YzpTQU1MOjIuMDpwcm90b2NvbCI+PHNhbWw6SXNzdWVyIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPmh0dHBzOi8vRXhhbXBsZUlk
ZW50aXR5UHJvdmlkZXI8L3NhbWw6SXNzdWVyPjxTaWduYXR1cmUgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxTaWduZWRJbmZvPjxDYW5vbmlj
YWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIiAvPjxTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRw
Oi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2IiAvPjxSZWZlcmVuY2UgVVJJPSIjXzJiM2JkZDBlLTZiY2UtNDhlMS1hMmNkLTc5NDYxMThjN2Q0NiI+PFRyY
W5zZm9ybXM+PFRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIiAvPjxUcmFuc2Zvcm0gQWxnb3JpdGhtPS
JodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiPjxJbmNsdXNpdmVOYW1lc3BhY2VzIFByZWZpeExpc3Q9IiNkZWZhdWx0IHNhbWxwIHNhbWwgZHMgeHMgeHNpIiB4b
Wxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIiAvPjwvVHJhbnNmb3JtPjwvVHJhbnNmb3Jtcz48RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53
My5vcmcvMjAwMS8wNC94bWxlbmMjc2hhMjU2IiAvPjxEaWdlc3RWYWx1ZT5sMEJPYk1BemRyeEhibmo2T21RUVEzenRvbVlmOUJxa0ZINmN3aDZ2WTJZPTwvRGlnZXN0VmFsdWU+PC9SZ
WZlcmVuY2U+PC9TaWduZWRJbmZvPjxTaWduYXR1cmVWYWx1ZT5JczdvclJNeWpETHdWbzRyT0dVNWpjMDIyOUJ2YUVmVnpQQk1xWnpGQmhLSENWVWZQRkRUQ0ZleGt6TGZ1RkQ3N
TRlZUYydlFQdFFqTGZHQytWQ3FQOGkzeHVzbWZFeTNRT1Z0RkxnbmYwYzN5SEx6V1hvSW5ZUThsdXlTMzg0M2w5M2swYnMvU25ERnVaa2VQRS9IMThBSGViTGl0aGlGRHk2T3FaUkZGS
TNtcm80dVdmMGpiSHdvYnJPc1J5eUxadUZ3eUxxbGVCWHQvMStja2Jia2VoNTRFcjBySGZyZVRhZ3BKTS9abDdKbWhsYkFYM0p1Z0U3WlVYdDJueTRMUTBRVDVCcnRiWEJSUzM0OHVQ
TkpRWGFnVXlwZDI5cTVaSkJLZWFwK0I3SVdiOXBTYjYySitxUlNKMGQ5UnpBbzZSV2F2Y3NTV0ZuS3M0L0k1bHU2R2c9PTwvU2lnbmF0dXJlVmFsdWU+PEtleUluZm8+PFg1MDlEYXRhPjx
YNTA5Q2VydGlmaWNhdGU+TUlJREFUQ0NBZW1nQXdJQkFnSVFkUERyL2lJMWpiaERNVGo1Vll5YStUQU5CZ2txaGtpRzl3MEJBUXNGQURBV01SUXdFZ1lEVlFRREV3dDNkM2N1YVdSd0x
tTnZiVEFlRncweE16RXhNakl3T0RJd05USmFGdzAwT1RFeU16RXhOREF3TURCYU1CWXhGREFTQmdOVkJBTVRDM2QzZHk1cFpIQXVZMjl0TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUF
PQ0FROEFNSUlCQ2dLQ0FRRUFpMFhKUkxEcmNiU3lxVWQ4WEc0Qmd4T2JRTVlMQWtFTmxtSk9zQUVwbDF4TWFiVWlxMVg0djBGYzhaYUNwVUUzZkZHRU5NRVdnQmpuUVVVRTBXdF
ZVaDVKUE1zdWtvbGY5cWxqYkprQ2t2SFhIM080VWVuN3ZBMm9OUVd0NGJLOTZTcFhBRHBaS0Z2cGs0RDdidEtPZ1UvTmFtamlxd0hJNGZJOGtGSkt3S0JKY2hSUFVRZEM0bGpSUm1HSXJ
TbnBZK3QyNS9kM0tHWHdiZTlaMk1HR3kyaHlBMHRnT1d1Y2hJSysxdkFLS0JVaDluREVYZnI4MCt4VzY4MHc1VHFIeURjcWJXdlFzWFhoSDB5WkxmSU5LTlM2L0lvakhQc0J5N3RmMzZDazlIN
VB3KzFQUHU2TnpCRlN6NVprQzhLenJTNnZ1WlhjL0ltWXJuaGVNUXNxcVFJREFRQUJvMHN3U1RCSEJnTlZIUUVFUURBK2dCRDRkWTRNQ1BFbUc0c3hacmNuaTh2dG9SZ3dGakVVTUJJR
0ExVUVBeE1MZDNkM0xtbGtjQzVqYjIyQ0VIVHc2LzRpTlkyNFF6RTQrVldNbXZrd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFCaGFrMmFSODRNQ2R5WE80QUtPUXZaeWJzQ01kaFJxMmkxa
TBXaEQ0L3hlN1J5NWhhQzZUZVhJcDhRNGNDM016c3JEYWw3NHhISTcxNEJXMGxvYWZwSEFzWGZkOUV2a0tUVmFKKzFacGUxNitTc1RMNHVwUzFjR3lkaWdxd1V6c2RwR2NrNHdJMW1vS
jk0NzdPKzQ2SWYyZ0YyN3U5Q2RrN09ueGUvNWR3TEl4V21rVlJkYlFJSDVHc0tVZUFqT2RSUW15K1gxTVg2S3lSb2FDd1dHWXd4aTVTYStyKzNBdER2RDRCWDBFSkdLRlplZU0zSi95TXBZaC
83NWFOMGNGUWZERWRKN0M1TkUwdm9uaWRFMFF0SUZ2c29XdFpVdHVyMmZpVzd5QnhzZTM4VFBRc2kycjZBNmMvVFpzWjVicTMxeWgzZ3Iza1NONjJIOGlWS0xRTEE9PC9YNTA5Q2VydG
lmaWNhdGU+PC9YNTA5RGF0YT48L0tleUluZm8+PC9TaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wO
nN0YXR1czpTdWNjZXNzIiAvPjwvc2FtbHA6U3RhdHVzPjxzYW1sOkFzc2VydGlvbiBWZXJzaW9uPSIyLjAiIElEPSJfZGM3MjI2M2MtMzE5ZS00ODAxLWFjN2UtMzkyZGVjZTVhZWYwIiBJc3N1ZUluc3
RhbnQ9IjIwMTktMTEtMTJUMTc6MDY6NDguODk3WiIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI+PHNhbWw6SXNzdWVyPmh0dHBzOi8vRXhhbXBsZUl
kZW50aXR5UHJvdmlkZXI8L3NhbWw6SXNzdWVyPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6dW5zc
GVjaWZpZWQiPnRlc3R1c2VyPC9zYW1sOk5hbWVJRD48c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+PHNhbWw6
U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyMDE5LTExLTEyVDE3OjA5OjQ4Ljg5OVoiIFJlY2lwaWVudD0iaHR0cHM6Ly9sb2NhbGhvc3Q6NDQzMzgvU0FNTC9Bc3NlcnRpb25
Db25zdW1lclNlcnZpY2UuYXNweCIgLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxOS0xMS0xMlQxNzowMzo0OC44O
TdaIiBOb3RPbk9yQWZ0ZXI9IjIwMTktMTEtMTJUMTc6MDk6NDguODk3WiI+PHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48c2FtbDpBdWRpZW5jZT5odHRwczovL0V4YW1wbGVTZXJ2aWNlUHJvdmlk
ZXI8L3NhbWw6QXVkaWVuY2U+PC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PC9zYW1sOkNvbmRpdGlvbnM+PHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDE5LTExLTEy
VDE3OjA2OjQ4LjlaIiBTZXNzaW9uSW5kZXg9Il9kYzcyMjYzYy0zMTllLTQ4MDEtYWM3ZS0zOTJkZWNlNWFlZjAiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46
b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3Nlczp1bnNwZWNpZmllZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbW
VudD48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIE5hbWU9IkVtYWlsIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIiB4bWxuczp4cz0iaHR0cD
ovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiPnRlc3R1c2VyQGlkcC5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU
+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iR2l2ZW5OYW1lIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcv
MjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiPlRlc3Q8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdH
RyaWJ1dGUgTmFtZT0iRmFtaWx5TmFtZSI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyIgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k
9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIj5Vc2VyPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48L3NhbWw
6QXNzZXJ0aW9uPjwvc2FtbHA6UmVzcG9uc2U+"/>
    </div>
    <noscript>
      <div>
       <input type="submit" value="Continue"/>
      </div>
    </noscript>
   </form>
  </body>
  <script>
   function submitForm() {
    document.forms.samlform.submit();
   }

   if (document.readyState === "loading") {
  document.addEventListener("DOMContentLoaded", submitForm);
  } else {
  submitForm();
   }
  </script>
</html>

24584/10: 11/12/2019 11:06:49 AM: Sending SAML form:
<html>
  <body>
   <noscript>
    <p>
      Since your browser doesn't support JavaScript, you must press the Continue button to proceed.
    </p>
   </noscript>
   <form id="samlform" action="https://localhost:44338/SAML/AssertionConsumerService.aspx" method="post" target="_self">
    <div>
      <input type="hidden" name="SAMLResponse" value="PHNhbWxwOlJlc3BvbnNlIElEPSJfMmIzYmRkMGUtNmJjZS00OGUxLWEyY2QtNzk0NjExOGM3ZDQ2IiBWZXJzaW9uPSIyLjAiIElzc3VlSW5zdGFudD0iMjAxOS0xMS0xMlQxNzowNjo0OC44OTNaIiBEZXN0aW5hdGlvbj0iaHR0cHM6Ly9sb2NhbGhvc3Q6NDQzMzgvU0FNTC9Bc3NlcnRpb25Db25zdW1lclNlcnZpY2UuYXNweCIgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCI+PHNhbWw6SXNzdWVyIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPmh0dHBzOi8vRXhhbXBsZUlkZW50aXR5UHJvdmlkZXI8L3NhbWw6SXNzdWVyPjxTaWduYXR1cmUgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxTaWduZWRJbmZvPjxDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIiAvPjxTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2IiAvPjxSZWZlcmVuY2UgVVJJPSIjXzJiM2JkZDBlLTZiY2UtNDhlMS1hMmNkLTc5NDYxMThjN2Q0NiI+PFRyYW5zZm9ybXM+PFRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIiAvPjxUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiPjxJbmNsdXNpdmVOYW1lc3BhY2VzIFByZWZpeExpc3Q9IiNkZWZhdWx0IHNhbWxwIHNhbWwgZHMgeHMgeHNpIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIiAvPjwvVHJhbnNmb3JtPjwvVHJhbnNmb3Jtcz48RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjc2hhMjU2IiAvPjxEaWdlc3RWYWx1ZT5sMEJPYk1BemRyeEhibmo2T21RUVEzenRvbVlmOUJxa0ZINmN3aDZ2WTJZPTwvRGlnZXN0VmFsdWU+PC9SZWZlcmVuY2U+PC9TaWduZWRJbmZvPjxTaWduYXR1cmVWYWx1ZT5JczdvclJNeWpETHdWbzRyT0dVNWpjMDIyOUJ2YUVmVnpQQk1xWnpGQmhLSENWVWZQRkRUQ0ZleGt6TGZ1RkQ3NTRlZUYydlFQdFFqTGZHQytWQ3FQOGkzeHVzbWZFeTNRT1Z0RkxnbmYwYzN5SEx6V1hvSW5ZUThsdXlTMzg0M2w5M2swYnMvU25ERnVaa2VQRS9IMThBSGViTGl0aGlGRHk2T3FaUkZGSTNtcm80dVdmMGpiSHdvYnJPc1J5eUxadUZ3eUxxbGVCWHQvMStja2Jia2VoNTRFcjBySGZyZVRhZ3BKTS9abDdKbWhsYkFYM0p1Z0U3WlVYdDJueTRMUTBRVDVCcnRiWEJSUzM0OHVQTkpRWGFnVXlwZDI5cTVaSkJLZWFwK0I3SVdiOXBTYjYySitxUlNKMGQ5UnpBbzZSV2F2Y3NTV0ZuS3M0L0k1bHU2R2c9PTwvU2lnbmF0dXJlVmFsdWU+PEtleUluZm8+PFg1MDlEYXRhPjxYNTA5Q2VydGlmaWNhdGU+TUlJREFUQ0NBZW1nQXdJQkFnSVFkUERyL2lJMWpiaERNVGo1Vll5YStUQU5CZ2txaGtpRzl3MEJBUXNGQURBV01SUXdFZ1lEVlFRREV3dDNkM2N1YVdSd0xtTnZiVEFlRncweE16RXhNakl3T0RJd05USmFGdzAwT1RFeU16RXhOREF3TURCYU1CWXhGREFTQmdOVkJBTVRDM2QzZHk1cFpIQXVZMjl0TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFpMFhKUkxEcmNiU3lxVWQ4WEc0Qmd4T2JRTVlMQWtFTmxtSk9zQUVwbDF4TWFiVWlxMVg0djBGYzhaYUNwVUUzZkZHRU5NRVdnQmpuUVVVRTBXdFZVaDVKUE1zdWtvbGY5cWxqYkprQ2t2SFhIM080VWVuN3ZBMm9OUVd0NGJLOTZTcFhBRHBaS0Z2cGs0RDdidEtPZ1UvTmFtamlxd0hJNGZJOGtGSkt3S0JKY2hSUFVRZEM0bGpSUm1HSXJTbnBZK3QyNS9kM0tHWHdiZTlaMk1HR3kyaHlBMHRnT1d1Y2hJSysxdkFLS0JVaDluREVYZnI4MCt4VzY4MHc1VHFIeURjcWJXdlFzWFhoSDB5WkxmSU5LTlM2L0lvakhQc0J5N3RmMzZDazlINVB3KzFQUHU2TnpCRlN6NVprQzhLenJTNnZ1WlhjL0ltWXJuaGVNUXNxcVFJREFRQUJvMHN3U1RCSEJnTlZIUUVFUURBK2dCRDRkWTRNQ1BFbUc0c3hacmNuaTh2dG9SZ3dGakVVTUJJR0ExVUVBeE1MZDNkM0xtbGtjQzVqYjIyQ0VIVHc2LzRpTlkyNFF6RTQrVldNbXZrd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFCaGFrMmFSODRNQ2R5WE80QUtPUXZaeWJzQ01kaFJxMmkxaTBXaEQ0L3hlN1J5NWhhQzZUZVhJcDhRNGNDM016c3JEYWw3NHhISTcxNEJXMGxvYWZwSEFzWGZkOUV2a0tUVmFKKzFacGUxNitTc1RMNHVwUzFjR3lkaWdxd1V6c2RwR2NrNHdJMW1vSjk0NzdPKzQ2SWYyZ0YyN3U5Q2RrN09ueGUvNWR3TEl4V21rVlJkYlFJSDVHc0tVZUFqT2RSUW15K1gxTVg2S3lSb2FDd1dHWXd4aTVTYStyKzNBdER2RDRCWDBFSkdLRlplZU0zSi95TXBZaC83NWFOMGNGUWZERWRKN0M1TkUwdm9uaWRFMFF0SUZ2c29XdFpVdHVyMmZpVzd5QnhzZTM4VFBRc2kycjZBNmMvVFpzWjVicTMxeWgzZ3Iza1NONjJIOGlWS0xRTEE9PC9YNTA5Q2VydGlmaWNhdGU+PC9YNTA5RGF0YT48L0tleUluZm8+PC9TaWduYXR1cmU+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIiAvPjwvc2FtbHA6U3RhdHVzPjxzYW1sOkFzc2VydGlvbiBWZXJzaW9uPSIyLjAiIElEPSJfZGM3MjI2M2MtMzE5ZS00ODAxLWFjN2UtMzkyZGVjZTVhZWYwIiBJc3N1ZUluc3RhbnQ9IjIwMTktMTEtMTJUMTc6MDY6NDguODk3WiIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI+PHNhbWw6SXNzdWVyPmh0dHBzOi8vRXhhbXBsZUlkZW50aXR5UHJvdmlkZXI8L3NhbWw6SXNzdWVyPjxzYW1sOlN1YmplY3Q+PHNhbWw6TmFtZUlEIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6MS4xOm5hbWVpZC1mb3JtYXQ6dW5zcGVjaWZpZWQiPnRlc3R1c2VyPC9zYW1sOk5hbWVJRD48c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyMDE5LTExLTEyVDE3OjA5OjQ4Ljg5OVoiIFJlY2lwaWVudD0iaHR0cHM6Ly9sb2NhbGhvc3Q6NDQzMzgvU0FNTC9Bc3NlcnRpb25Db25zdW1lclNlcnZpY2UuYXNweCIgLz48L3NhbWw6U3ViamVjdENvbmZpcm1hdGlvbj48L3NhbWw6U3ViamVjdD48c2FtbDpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxOS0xMS0xMlQxNzowMzo0OC44OTdaIiBOb3RPbk9yQWZ0ZXI9IjIwMTktMTEtMTJUMTc6MDk6NDguODk3WiI+PHNhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48c2FtbDpBdWRpZW5jZT5odHRwczovL0V4YW1wbGVTZXJ2aWNlUHJvdmlkZXI8L3NhbWw6QXVkaWVuY2U+PC9zYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PC9zYW1sOkNvbmRpdGlvbnM+PHNhbWw6QXV0aG5TdGF0ZW1lbnQgQXV0aG5JbnN0YW50PSIyMDE5LTExLTEyVDE3OjA2OjQ4LjlaIiBTZXNzaW9uSW5kZXg9Il9kYzcyMjYzYy0zMTllLTQ4MDEtYWM3ZS0zOTJkZWNlNWFlZjAiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3Nlczp1bnNwZWNpZmllZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIE5hbWU9IkVtYWlsIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiPnRlc3R1c2VyQGlkcC5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iR2l2ZW5OYW1lIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiPlRlc3Q8L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48c2FtbDpBdHRyaWJ1dGUgTmFtZT0iRmFtaWx5TmFtZSI+PHNhbWw6QXR0cmlidXRlVmFsdWUgeHNpOnR5cGU9InhzOnN0cmluZyIgeG1sbnM6eHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hIiB4bWxuczp4c2k9Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hLWluc3RhbmNlIj5Vc2VyPC9zYW1sOkF0dHJpYnV0ZVZhbHVlPjwvc2FtbDpBdHRyaWJ1dGU+PC9zYW1sOkF0dHJpYnV0ZVN0YXRlbWVudD48L3NhbWw6QXNzZXJ0aW9uPjwvc2FtbHA6UmVzcG9uc2U+"/>
    </div>
    <noscript>
      <div>
       <input type="submit" value="Continue"/>
      </div>
    </noscript>
   </form>
  </body>
  <script>
   function submitForm() {
    document.forms.samlform.submit();
   }

   if (document.readyState === "loading") {
  document.addEventListener("DOMContentLoaded", submitForm);
  } else {
  submitForm();
   }
  </script>
</html>

24584/10: 11/12/2019 11:06:49 AM: Response sent over HTTP POST.
24584/10: 11/12/2019 11:06:49 AM: SAML message sent: partner=https://ExampleServiceProvider, message=<samlp:Response ID="_2b3bdd0e-6bce-48e1-a2cd-7946118c7d46" Version="2.0" IssueInstant="2019-11-12T17:06:48.893Z" Destination="https://localhost:44338/SAML/AssertionConsumerService.aspx" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"><saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://ExampleIdentityProvider</saml:Issuer><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /><SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" /><Reference URI="#_2b3bdd0e-6bce-48e1-a2cd-7946118c7d46"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /><Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><InclusiveNamespaces PrefixList="#default samlp saml ds xs xsi" xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" /></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" /><DigestValue>l0BObMAzdrxHbnj6OmQQQ3ztomYf9BqkFH6cwh6vY2Y=</DigestValue></Reference></SignedInfo><SignatureValue>Is7orRMyjDLwVo4rOGU5jc0229BvaEfVzPBMqZzFBhKHCVUfPFDTCFexkzLfuFD754eeF2vQPtQjLfGC+VCqP8i3xusmfEy3QOVtFLgnf0c3yHLzWXoInYQ8luyS3843l93k0bs/SnDFuZkePE/H18AHebLithiFDy6OqZRFFI3mro4uWf0jbHwobrOsRyyLZuFwyLqleBXt/1+ckbbkeh54Er0rHfreTagpJM/Zl7JmhlbAX3JugE7ZUXt2ny4LQ0QT5BrtbXBRS348uPNJQXagUypd29q5ZJBKeap+B7IWb9pSb62J+qRSJ0d9RzAo6RWavcsSWFnKs4/I5lu6Gg==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIDATCCAemgAwIBAgIQdPDr/iI1jbhDMTj5VYya+TANBgkqhkiG9w0BAQsFADAWMRQwEgYDVQQDEwt3d3cuaWRwLmNvbTAeFw0xMzExMjIwODIwNTJaFw00OTEyMzExNDAwMDBaMBYxFDASBgNVBAMTC3d3dy5pZHAuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0XJRLDrcbSyqUd8XG4BgxObQMYLAkENlmJOsAEpl1xMabUiq1X4v0Fc8ZaCpUE3fFGENMEWgBjnQUUE0WtVUh5JPMsukolf9qljbJkCkvHXH3O4Uen7vA2oNQWt4bK96SpXADpZKFvpk4D7btKOgU/NamjiqwHI4fI8kFJKwKBJchRPUQdC4ljRRmGIrSnpY+t25/d3KGXwbe9Z2MGGy2hyA0tgOWuchIK+1vAKKBUh9nDEXfr80+xW680w5TqHyDcqbWvQsXXhH0yZLfINKNS6/IojHPsBy7tf36Ck9H5Pw+1PPu6NzBFSz5ZkC8KzrS6vuZXc/ImYrnheMQsqqQIDAQABo0swSTBHBgNVHQEEQDA+gBD4dY4MCPEmG4sxZrcni8vtoRgwFjEUMBIGA1UEAxMLd3d3LmlkcC5jb22CEHTw6/4iNY24QzE4+VWMmvkwDQYJKoZIhvcNAQELBQADggEBABhak2aR84MCdyXO4AKOQvZybsCMdhRq2i1i0WhD4/xe7Ry5haC6TeXIp8Q4cC3MzsrDal74xHI714BW0loafpHAsXfd9EvkKTVaJ+1Zpe16+SsTL4upS1cGydigqwUzsdpGck4wI1moJ9477O+46If2gF27u9Cdk7Onxe/5dwLIxWmkVRdbQIH5GsKUeAjOdRQmy+X1MX6KyRoaCwWGYwxi5Sa+r+3AtDvD4BX0EJGKFZeeM3J/yMpYh/75aN0cFQfDEdJ7C5NE0vonidE0QtIFvsoWtZUtur2fiW7yBxse38TPQsi2r6A6c/TZsZ5bq31yh3gr3kSN62H8iVKLQLA=</X509Certificate></X509Data></KeyInfo></Signature><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" /></samlp:Status><saml:Assertion Version="2.0" ID="_dc72263c-319e-4801-ac7e-392dece5aef0" IssueInstant="2019-11-12T17:06:48.897Z" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"><saml:Issuer>https://ExampleIdentityProvider</saml:Issuer><saml:Subject><saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">testuser</saml:NameID><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml:SubjectConfirmationData NotOnOrAfter="2019-11-12T17:09:48.899Z" Recipient="https://localhost:44338/SAML/AssertionConsumerService.aspx" /></saml:SubjectConfirmation></saml:Subject><saml:Conditions NotBefore="2019-11-12T17:03:48.897Z" NotOnOrAfter="2019-11-12T17:09:48.897Z"><saml:AudienceRestriction><saml:Audience>https://ExampleServiceProvider</saml:Audience></saml:AudienceRestriction></saml:Conditions><saml:AuthnStatement AuthnInstant="2019-11-12T17:06:48.9Z" SessionIndex="_dc72263c-319e-4801-ac7e-392dece5aef0"><saml:AuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement><saml:AttributeStatement><saml:Attribute Name="Email"><saml:AttributeValue xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">[email protected]</saml:AttributeValue></saml:Attribute><saml:Attribute Name="GivenName"><saml:AttributeValue xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">Test</saml:AttributeValue></saml:Attribute><saml:Attribute Name="FamilyName"><saml:AttributeValue xsi:type="xs:string" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">User</saml:AttributeValue></saml:Attribute></saml:AttributeStatement></saml:Assertion></samlp:Response>, relay state=, destination URL=https://localhost:44338/SAML/AssertionConsumerService.aspx
24584/10: 11/12/2019 11:06:49 AM: Identity provider session (24bf7578-0c33-43b6-b339-0b6d9f8ac62c) state:
SSO session state:
Partner name: https://ExampleServiceProvider
Name ID: <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">testuser</saml:NameID>
Session index: _dc72263c-319e-4801-ac7e-392dece5aef0

24584/10: 11/12/2019 11:06:49 AM: Initiation of SSO to the partner service provider https://ExampleServiceProvider has completed successfully.
24584/10: 11/12/2019 11:06:52 AM: Sending an SSO response to a partner service provider.
24584/10: 11/12/2019 11:06:52 AM: Identity provider session (24bf7578-0c33-43b6-b339-0b6d9f8ac62c) state:
SSO session state:
Partner name: https://ExampleServiceProvider
Name ID: <saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">testuser</saml:NameID>
Session index: _dc72263c-319e-4801-ac7e-392dece5aef0

24584/10: 11/12/2019 11:06:52 AM: Exception: ComponentSpace.SAML2.Exceptions.SAMLProtocolException: There is no pending service provider authentication request.
24584/10: 11/12/2019 11:06:52 AM:  at ComponentSpace.SAML2.InternalSAMLIdentityProvider.SendSSO(HttpResponseBase httpResponse, String userName, SAMLAttribute[] attributes, String authnContext, Status status, String assertionConsumerServiceUrl)
 at ComponentSpace.SAML2.SAMLIdentityProvider.SendSSO(HttpResponseBase httpResponse, String userName, IDictionary`2 attributes)
 at ExampleIdentityProvider.Controllers.HomeController.Index() in E:\repos\SAMLApps\ExampleIdentityProvider\ExampleIdentityProvider\Controllers\HomeController.cs:line 26
 at lambda_method(Closure , ControllerBase , Object[] )
 at System.Web.Mvc.ActionMethodDispatcher.Execute(ControllerBase controller, Object[] parameters)
 at System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary`2 parameters)
 at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary`2 parameters)
 at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c.<BeginInvokeSynchronousActionMethod>b__9_0(IAsyncResult asyncResult, ActionInvocation innerInvokeState)
 at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResult`2.CallEndDelegate(IAsyncResult asyncResult)
 at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
 at System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethod(IAsyncResult asyncResult)
 at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.<>c__DisplayClass11_0.<InvokeActionMethodFilterAsynchronouslyRecursive>b__0()
 at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.<>c__DisplayClass11_2.<InvokeActionMethodFilterAsynchronouslyRecursive>b__2()
 at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass7_0.<BeginInvokeActionMethodWithFilters>b__1(IAsyncResult asyncResult)
 at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResult`1.CallEndDelegate(IAsyncResult asyncResult)
 at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
 at System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethodWithFilters(IAsyncResult asyncResult)
 at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass3_6.<BeginInvokeAction>b__4()
 at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass3_1.<BeginInvokeAction>b__1(IAsyncResult asyncResult)
 at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResult`1.CallEndDelegate(IAsyncResult asyncResult)
 at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
 at System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeAction(IAsyncResult asyncResult)
 at System.Web.Mvc.Controller.<>c.<BeginExecuteCore>b__152_1(IAsyncResult asyncResult, ExecuteCoreState innerState)
 at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult)
 at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
 at System.Web.Mvc.Controller.EndExecuteCore(IAsyncResult asyncResult)
 at System.Web.Mvc.Controller.<>c.<BeginExecute>b__151_2(IAsyncResult asyncResult, Controller controller)
 at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult)
 at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
 at System.Web.Mvc.Controller.EndExecute(IAsyncResult asyncResult)
 at System.Web.Mvc.Controller.System.Web.Mvc.Async.IAsyncController.EndExecute(IAsyncResult asyncResult)
 at System.Web.Mvc.MvcHandler.<>c.<BeginProcessRequest>b__20_1(IAsyncResult asyncResult, ProcessRequestState innerState)
 at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult)
 at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
 at System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult)
 at System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result)
 at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
 at System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step)
 at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
 at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error)
 at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb)
 at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)
 at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
 at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
 at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)
 at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
 at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)






ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
SAMLIdentityProvider.InitiateSSO creates and sends a SAML response to a partner SP as part of IdP-initiated SSO.

The IdP-initiated SSO flow is:
1. Authenticate the user.
2. Call SAMLIdentityProvider.InitiateSSO to create and send a SAML response to the SP.
3. Control is now at the SP to process the SAML response.

SAMLIdentityProvider.SendSSO creates and sends a SAML response to a partner SP as part of SP-initiated SSO.
It only makes sense to call SAMLIdentityProvider.SendSSO if SAMLIdentityProvider.ReceiveSSO has been previously called to receive and process an authn request.
Also, you shouldn't call SAMLIdentityProvider.SendSSO immediately after SAMLIdentityProvider.InitiateSSO.
This will effectively discard the call to SAMLIdentityProvider.InitiateSSO as only one SAML response can be sent to the SP at any one time via the HTTP response.

The SP-initiated SSO flow is:

1. Call SAMLIdentityProvider.ReceiveSSO to receive and process a SAML authn request sent by the SP.
2. Authenticate the user.
3. Call SAMLIdentityProvider.SendSSO to create and send a SAML response to the SP.
4. Control is now at the SP to process the SAML response.

The ExampleIdentityProvider project under the Examples\SSO\WebForms folder demonstrates calling these APIs.
The Examples Guide walks you through the ExampleIdentityProvider and other projects.

Regards
ComponentSpace Development
jamesn
jamesn
New Member
New Member (5 reputation)New Member (5 reputation)New Member (5 reputation)New Member (5 reputation)New Member (5 reputation)New Member (5 reputation)New Member (5 reputation)New Member (5 reputation)New Member (5 reputation)

Group: Awaiting Activation
Posts: 3, Visits: 12
ComponentSpace - 11/12/2019
SAMLIdentityProvider.InitiateSSO creates and sends a SAML response to a partner SP as part of IdP-initiated SSO.

The IdP-initiated SSO flow is:
1. Authenticate the user.
2. Call SAMLIdentityProvider.InitiateSSO to create and send a SAML response to the SP.
3. Control is now at the SP to process the SAML response.

SAMLIdentityProvider.SendSSO creates and sends a SAML response to a partner SP as part of SP-initiated SSO.
It only makes sense to call SAMLIdentityProvider.SendSSO if SAMLIdentityProvider.ReceiveSSO has been previously called to receive and process an authn request.
Also, you shouldn't call SAMLIdentityProvider.SendSSO immediately after SAMLIdentityProvider.InitiateSSO.
This will effectively discard the call to SAMLIdentityProvider.InitiateSSO as only one SAML response can be sent to the SP at any one time via the HTTP response.

The SP-initiated SSO flow is:

1. Call SAMLIdentityProvider.ReceiveSSO to receive and process a SAML authn request sent by the SP.
2. Authenticate the user.
3. Call SAMLIdentityProvider.SendSSO to create and send a SAML response to the SP.
4. Control is now at the SP to process the SAML response.

The ExampleIdentityProvider project under the Examples\SSO\WebForms folder demonstrates calling these APIs.
The Examples Guide walks you through the ExampleIdentityProvider and other projects.

Thanks, I got it working after reading your post
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
You're welcome.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search