There is the DisableInResponseToCheck setting as mentioned above but it would be better to avoid the issue in the first place if possible. From the SO link it doesn't sound like the two HTTP Gets will be different but it would be worth checking. Please capture the HTTP traffic using Fiddler and send the .saz archive file to [email protected]. Is the intention to immediately initiate SSO when the user browses to the URL without any further intervention (eg clicking a button)? I'm just wondering if the issue could be avoided with a small redesign of the UI. Otherwise, could your application keep track of whether there's a pending SSO request and not call InitiateSsoAsync again until a SAML response is received or a small timeout period elapses?
Regards ComponentSpace Development
|