I am currently working with a new IDP, who is running into some issues when POSTing to our ACS endpoint. After doing some digging, I've found the issue as it relates to the Content-Type request header sent from their server.
The exception I'm seeing in our logs reads:
Message: A SAML message cannot be received as the HTTP request is unrecognized.
It appears their server sends the following Content-Type request header:
Content-Type: application/x-www-form-urlencoded; charset=ISO-8859-1
Upon removing the "charset" directive from the Content-Type, the request is able to make it through successfully. My understanding is Content-Type: application/x-www-form-urlencoded assumes UTF-8, but some legacy IIS servers may still require an associated charset to be provided.
I am reaching out today, in hopes to gain some more information on how ComponentSpace reads in the Content-Type, and whether or not there are any easy workarounds to this issue. Unfortunately, it may be a large task for our IDP partner to remove "charset" from their header.
Any insight on this issue would be greatly appreciated!