ComponentSpace

Forums



Error Receiving AuthnRequest


Error Receiving AuthnRequest

Author
Message
prgscd01
prgscd01
New Member
New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)

Group: Forum Members
Posts: 3, Visits: 8
Trying to setup SP initiated SSO using the low level api.  
My AutnRequest is doing an http post to this URL:
http://localhost.riteaid.com/sm/smidentity/smsp0001.aspx?SAMLRequest=nZJNT8MwDIb%2FSpX72rQb24jWTkgTUqWBEBscuJk2azM1H8QuGv%2Be7JOJAwekHCz7tV%2F5cWbzne6iT%2BlRWZOzNOYskqaytTJNzl7W94MpmxczBN1lTixtY3t6lh%2B9RIpCp0FxLOWs90ZYQIXCgJYoqBKru4elyGIunLdkK9uxaBEalQE6uLVEDkWSeHDWE3QV%2BNgrkqDquLI6wf0D53TjQ9ApznkaA7rdfOOtfoJG5keNqqUhRV8hRPujQpeHBFoNlkXlImeQbTe32Xg42o7a923bpLzlo0mWjmEyGSsIIsRelgYJDOUs4xkf8OkgHa5TLm64GPJ4PM3eWPR6Bha2Yyc84tDsr7H8TQUQpd%2BTYMWFBEHtBtBTG1ttVKzBtHsUs%2BTa4mz4GEaWi38ZUrgDkvWyD6nz9OO8y7VXEvdLlqaWu6Q4iX59guIb

Code snippet to recieive the request
  Private Function ReceiveAuthnRequest(ByVal Request As HttpRequest) As String _
    Implements ISMProfilesSSOBrowser.ReceiveAuthnRequest

    ' Receive the SAML response.
    Dim _authnRequestXml As XmlElement = Nothing
    Dim _strRelayState As String = ""

    Try
      IdentityProvider.ReceiveAuthnRequestByHTTPPost(Request, _authnRequestXml, _strRelayState)

      'Deserialize the XML.
      Dim _authnRequest As New AuthnRequest(_authnRequestXml)
    Catch _ex As Exception
      WriteEntry("ReceiveAuthnRequest", vbNewLine & "Recieve SAML Authn Request failed.", _ex)
      Throw
    End Try

Getting this error;  {"The form is missing the variable SAMLRequest"}  on the ReceiveAuthnRequestByHTTPPost

Do I need to add a variable on my aspx from called "SAMLRequest"??

Thanks.





ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Our recommendation is to use the SAML high-level API wherever possible as it's much easier to use.

The authn request URL includes the SAML authn request as the SAMLRequest query string parameter. In other words, it's using the HTTP-Redirect rather than the HTTP-Post binding.

IdentityProvider.ReceiveAuthnRequestByHTTPPost expects the SAML authn request to be sent using HTTP-Post and throws the exception you see if this isn't the case.

You should call ServiceProvider.SendAuthnRequestByHTTPPost rather than ServiceProvider.SendAuthnRequestByHTTPRedirect to send the authn request.

If you were to use the SAML high-level API, SAMLIdentityProvider.ReceiveSSO automatically handles receiving the SAML authn request using either HTTP-Post or HTTP-Redirect.

Regards
ComponentSpace Development
prgscd01
prgscd01
New Member
New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)New Member (4 reputation)

Group: Forum Members
Posts: 3, Visits: 8
ComponentSpace - 12/7/2020
Our recommendation is to use the SAML high-level API wherever possible as it's much easier to use.

The authn request URL includes the SAML authn request as the SAMLRequest query string parameter. In other words, it's using the HTTP-Redirect rather than the HTTP-Post binding.

IdentityProvider.ReceiveAuthnRequestByHTTPPost expects the SAML authn request to be sent using HTTP-Post and throws the exception you see if this isn't the case.

You should call ServiceProvider.SendAuthnRequestByHTTPPost rather than ServiceProvider.SendAuthnRequestByHTTPRedirect to send the authn request.

If you were to use the SAML high-level API, SAMLIdentityProvider.ReceiveSSO automatically handles receiving the SAML authn request using either HTTP-Post or HTTP-Redirect.

Thank you!  That makes sense.  I am on a very old version of ComponentSpace - 2.2.0.13.  I don't see the high level api method in this version.  Do you know what version it's available in, or is there an equivalent method in this version?  I don't have the luxury of updating versions right now.

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
The SAML high-level API was introduced in v2.5.0 back in 2013. The version you have was released in 2010.

You'll find the release notes at:

https://www.componentspace.com/Forums/8576/Release-Notes

If you can't upgrade at the moment, you'll need to call ServiceProvider.SendAuthnRequestByHTTPPost rather than ServiceProvider.SendAuthnRequestByHTTPRedirect to send the authn request.


Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 1 query. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search