Trying to setup SP initiated SSO using the low level api.
My AutnRequest is doing an http post to this URL:
http://localhost.riteaid.com/sm/smidentity/smsp0001.aspx?SAMLRequest=nZJNT8MwDIb%2FSpX72rQb24jWTkgTUqWBEBscuJk2azM1H8QuGv%2Be7JOJAwekHCz7tV%2F5cWbzne6iT%2BlRWZOzNOYskqaytTJNzl7W94MpmxczBN1lTixtY3t6lh%2B9RIpCp0FxLOWs90ZYQIXCgJYoqBKru4elyGIunLdkK9uxaBEalQE6uLVEDkWSeHDWE3QV%2BNgrkqDquLI6wf0D53TjQ9ApznkaA7rdfOOtfoJG5keNqqUhRV8hRPujQpeHBFoNlkXlImeQbTe32Xg42o7a923bpLzlo0mWjmEyGSsIIsRelgYJDOUs4xkf8OkgHa5TLm64GPJ4PM3eWPR6Bha2Yyc84tDsr7H8TQUQpd%2BTYMWFBEHtBtBTG1ttVKzBtHsUs%2BTa4mz4GEaWi38ZUrgDkvWyD6nz9OO8y7VXEvdLlqaWu6Q4iX59guIb
Code snippet to recieive the request
Private Function ReceiveAuthnRequest(ByVal Request As HttpRequest) As String _
Implements ISMProfilesSSOBrowser.ReceiveAuthnRequest
’ Receive the SAML response.
Dim _authnRequestXml As XmlElement = Nothing
Dim _strRelayState As String = “”
Try
IdentityProvider.ReceiveAuthnRequestByHTTPPost(Request, _authnRequestXml, _strRelayState)
'Deserialize the XML.
Dim _authnRequest As New AuthnRequest(_authnRequestXml)
Catch _ex As Exception
WriteEntry(“ReceiveAuthnRequest”, vbNewLine & “Recieve SAML Authn Request failed.”, _ex)
Throw
End Try
Getting this error; {“The form is missing the variable SAMLRequest”} on the ReceiveAuthnRequestByHTTPPost
Do I need to add a variable on my aspx from called “SAMLRequest”??
Thanks.
Our recommendation is to use the SAML high-level API wherever possible as it’s much easier to use.
The authn request URL includes the SAML authn request as the SAMLRequest query string parameter. In other words, it’s using the HTTP-Redirect rather than the HTTP-Post binding.
IdentityProvider.ReceiveAuthnRequestByHTTPPost expects the SAML authn request to be sent using HTTP-Post and throws the exception you see if this isn’t the case.
You should call ServiceProvider.SendAuthnRequestByHTTPPost rather than ServiceProvider.SendAuthnRequestByHTTPRedirect to send the authn request.
If you were to use the SAML high-level API, SAMLIdentityProvider.ReceiveSSO automatically handles receiving the SAML authn request using either HTTP-Post or HTTP-Redirect.
The authn request URL includes the SAML authn request as the SAMLRequest query string parameter. In other words, it's using the HTTP-Redirect rather than the HTTP-Post binding.
IdentityProvider.ReceiveAuthnRequestByHTTPPost expects the SAML authn request to be sent using HTTP-Post and throws the exception you see if this isn't the case.
You should call ServiceProvider.SendAuthnRequestByHTTPPost rather than ServiceProvider.SendAuthnRequestByHTTPRedirect to send the authn request.
If you were to use the SAML high-level API, SAMLIdentityProvider.ReceiveSSO automatically handles receiving the SAML authn request using either HTTP-Post or HTTP-Redirect.
Thank you! That makes sense. I am on a very old version of ComponentSpace - 2.2.0.13. I don't see the high level api method in this version. Do you know what version it's available in, or is there an equivalent method in this version? I don't have the luxury of updating versions right now.
The SAML high-level API was introduced in v2.5.0 back in 2013. The version you have was released in 2010.
You’ll find the release notes at:
https://www.componentspace.com/documentation/saml-for-asp-net/ComponentSpace%20SAML%20for%20ASP.NET%20Release%20Notes.pdf
If you can’t upgrade at the moment, you’ll need to call ServiceProvider.SendAuthnRequestByHTTPPost rather than ServiceProvider.SendAuthnRequestByHTTPRedirect to send the authn request.