Hi…
Any ideas… why I’m getting this
500 Request contains insufficient information to determine the protocol binding (did you type a protocol endpoint URL directly into the location bar of your browser?).
1. https://applinkdemo.albridge.com/sp/ACS.saml2?opentoken=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
2. Request Method:
GET
3. Status Code:
500 Request contains insufficient information to determine the protocol binding (did you type a protocol endpoint URL directly into the location bar of your browser?).
I’m not sure exactly.
From the ACS included in the URL I assume this link is to the service provider’s assertion consumer service.
Is that correct?
If so, it should be receiving a SAML response using an HTTP Post not an HTTP Get.
I’m also not sure why the URL includes an OpenToken. This isn’t part of SAML SSO.
Could you provide more details about your scenario? Are you acting as the identity provider?
If so, are you calling our SAMLIdentityProvider.InitiateSSO or SAMLIdentityProvider.SendSSO API?
You’re welcome to email our support address with the specific information if you prefer.
[quote][/quote]
I'm not sure exactly.
From the ACS included in the URL I assume this link is to the service provider's assertion consumer service.
Is that correct?
If so, it should be receiving a SAML response using an HTTP Post not an HTTP Get.
I'm also not sure why the URL includes an OpenToken. This isn't part of SAML SSO.
Could you provide more details about your scenario? Are you acting as the identity provider?
If so, are you calling our SAMLIdentityProvider.InitiateSSO or SAMLIdentityProvider.SendSSO API?
You're welcome to email our support address with the specific information if you prefer.
From the ACS included in the URL I assume this link is to the service provider's assertion consumer service.
Is that correct?
If so, it should be receiving a SAML response using an HTTP Post not an HTTP Get.
I'm also not sure why the URL includes an OpenToken. This isn't part of SAML SSO.
Could you provide more details about your scenario? Are you acting as the identity provider?
If so, are you calling our SAMLIdentityProvider.InitiateSSO or SAMLIdentityProvider.SendSSO API?
You're welcome to email our support address with the specific information if you prefer.
Yes..
Calling POST
IdentityProvider.SendSAMLResponseByHTTPPost(Response, SAMLConfiguration.AssertionConsumerServiceURL, samlResponseXml, relayState);
IdentityProvider.SendSAMLResponseByHTTPPost(Response, SAMLConfiguration.AssertionConsumerServiceURL, samlResponseXml, relayState);
I've used previous version of you product with great results
IdentityProvider.SendSAMLResponseByHTTPPost definitely sends the SAML response using an HTTP Post.
Are there any intermediate nodes such as a load balancer etc that could be replacing the HTTP Post with an HTTP Get?
Could you use something like Fiddler to confirm that an HTTP Post with SAMLResponse post data is being sent to the service provider’s assertion consumer service?
If that’s the case you might need assistance from the service provider to track down the issue.
I know that sometimes incorrectly configured load balancers can be the issue.
Let me know what you find.