AbstractSamlConfigurationResolver related issue

Hello, ComponentSpace calls the method GetPartnerIdentityProviderConfigurationAsync from the class that overrides AbstractSamlConfigurationResolver for each and every request it processes.
As the configuration doesn’t change, we only want it to call the GetPartnerIdentityProviderConfigurationAsync method once during initialization.
How should I do it?

We call these methods on each SSO request to ensure we have the latest configuration. This supports dynamic configurations, in particular.

If retrieving configuration is an expensive operation, your configuration resolver could cache the configuration. In many scenarios this isn’t required as SSO is a relatively infrequent operation and the cost to retrieve the configuration isn’t overly expensive.

However, if you do wish to cache the configuration you can do this within your implementation or make use of the cached configuration resolver included in the SAML library.


builder.Services.AddSaml();
builder.Services.AddCachedConfigurationResolver();



AddCachedConfigurationResolver adds the cached configuration resolver with configuration initially retrieved from the specified configuration resolver implementation.

[quote]
ComponentSpace - 12/11/2023
We call these methods on each SSO request to ensure we have the latest configuration. This supports dynamic configurations, in particular.

If retrieving configuration is an expensive operation, your configuration resolver could cache the configuration. In many scenarios this isn't required as SSO is a relatively infrequent operation and the cost to retrieve the configuration isn't overly expensive.

However, if you do wish to cache the configuration you can do this within your implementation or make use of the cached configuration resolver included in the SAML library.


builder.Services.AddSaml();
builder.Services.AddCachedConfigurationResolver();



AddCachedConfigurationResolver adds the cached configuration resolver with configuration initially retrieved from the specified configuration resolver implementation.

[/quote]

We were using version 3.0 (Licensed). "AddCachedConfigurationResolver" is not available in the older version, so we upgraded to version 4.10 (Latest).
For some reason, the same local service provider cert that was working with 3.0 doesn't work with 4.10.
We are getting this error: "ComponentSpace.Saml2.Exceptions.SamlConfigurationException: A valid X.509 encryption certificate for the local service provider hasn't been configured."
We store our cert string base64 encoded in the AWS Store Parameter.
Any suggestions as to how to fix this issue?

Thanks
Vali

Hi Vali,

Has the certificate expired?

If there’s still an issue, please enable SAML trace and send the generated log file as an email attachment to support@componentspace.com mentioning your forum post.

https://www.componentspace.com/forums/7936/Enabling-SAML-Trace

Thanks.
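
A way to check the expiry question above directly against the stored base64 string, before collecting a trace. This is an added example, not ComponentSpace code or part of the original posts; it uses only .NET certificate classes, the class name SpCertificateCheck is hypothetical, and it assumes the stored value is the base64 of a PKCS#12 (PFX) or DER certificate. The sample certificate is constructed in the code.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

public static class SpCertificateCheck   // hypothetical helper name
{
    // Returns the problems found; an empty list means these basic checks passed.
    public static List<string> Inspect(string base64, string password, DateTime utcNow)
    {
        var problems = new List<string>();
        X509Certificate2 cert;
        try { cert = new X509Certificate2(Convert.FromBase64String(base64.Trim()), password); }
        catch (FormatException) { problems.Add("value is not valid base64"); return problems; }
        catch (CryptographicException e) { problems.Add("cannot load: " + e.Message); return problems; }
        using (cert)
        {
            if (utcNow < cert.NotBefore.ToUniversalTime())
                problems.Add($"not valid until {cert.NotBefore.ToUniversalTime():u}");
            if (utcNow > cert.NotAfter.ToUniversalTime())
                problems.Add($"expired on {cert.NotAfter.ToUniversalTime():u}");
            // Decrypting SAML assertions needs the private key, not only the public certificate.
            if (!cert.HasPrivateKey) problems.Add("no private key in the decoded data");
            // If a key usage extension is present, report one that excludes encipherment.
            var usage = cert.Extensions.OfType<X509KeyUsageExtension>().FirstOrDefault();
            var encipher = X509KeyUsageFlags.KeyEncipherment | X509KeyUsageFlags.DataEncipherment;
            if (usage != null && (usage.KeyUsages & encipher) == 0)
                problems.Add("key usage extension does not allow encipherment");
        }
        return problems;
    }

    public static void Main()
    {
        // Constructed sample: a self-signed certificate that expired yesterday.
        using var rsa = RSA.Create(2048);
        var request = new CertificateRequest("CN=constructed-sp-sample", rsa,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        var now = DateTimeOffset.UtcNow;
        using var expired = request.CreateSelfSigned(now.AddDays(-30), now.AddDays(-1));
        string withKey = Convert.ToBase64String(expired.Export(X509ContentType.Pfx, "sample"));
        string certOnly = Convert.ToBase64String(expired.Export(X509ContentType.Cert));

        Console.WriteLine(string.Join("; ", Inspect(withKey, "sample", DateTime.UtcNow)));
        Console.WriteLine(string.Join("; ", Inspect(certOnly, null, DateTime.UtcNow)));
        Console.WriteLine(string.Join("; ", Inspect("not base64!", null, DateTime.UtcNow)));
    }
}
```

To check a real value, pass the string read from the parameter store and its password to Inspect in place of the constructed sample.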