Exception Error Trying to call SendSSO() After GetAsync() call

We have an old, but functional, SAML SSO application built with ComponentSpace. The application receives an SSO request, checks against our database platform to see if the authenticated user is valid for the SSO request, does a data pull from the platform to build the assertion, and sends the SSO back to the Service Provider.

We’re in the process of switching to a new platform. Data retrievals in our old platform used SOAP calls, the new one uses HttpClient GetAsync() calls. I’ve completed the code that retrieves the user data and packages the attributes for the assertion, but when the code reaches the SendSSO() call, I get “SAMLEnvironmentException: There is no HTTP context.” Full details below.

I assume the issue here is that the API call to retrieve user data is either doing something to the HttpContext or preventing the SendSSO() method from reading it. I need guidance on how to make the SendSSO() call work properly after the data pull.

Full text of exception error:
ComponentSpace.SAML2.Exceptions.SAMLEnvironmentException: There is no HTTP context. at ComponentSpace.SAML2.Utility.SAML.GetHttpContext() at ComponentSpace.SAML2.Data.SessionIDDelegates.GetSessionIDFromSAMLCookie() at ComponentSpace.SAML2.Data.AbstractSSOSessionStore.CreateSessionIDForType(Type type) at ComponentSpace.SAML2.Data.InMemorySSOSessionStore.Load(Type type) at ComponentSpace.SAML2.SAMLController.LoadSAMLConfigurationState() at ComponentSpace.SAML2.InternalSAMLIdentityProvider…ctor() at ComponentSpace.SAML2.SAMLIdentityProvider.SendSSO(HttpResponse httpResponse, String userName, IDictionary`2 attributes) at CMSWebParts_FEI_controls_ctrl_SSO_SAML_CS.d__20.MoveNext() in F:\inetpub\wwwroot\fei_kentico_content_protechdev_12\CMS\CMSWebParts\FEI_controls\ctrl_SSO_SAML_ProTech.ascx.cs:line 265[image]

SAMLIdentityProvider.SendSSO sends a SAML response to the service provider. It does this by returning to the browser an HTTP response consisting of an HTML form, with the SAML response encoded in this form, along with some JavaScript to automatically submit the form. The browser executes this JavaScript resulting in an HTTP Post of the SAML response to the service provider.

SAMLIdentityProvider.SendSSO uses the System.Web.HttpContext.Current property to access the HTTP response being written.

If System.Web.HttpContext.Current is null, the exception you’re seeing is thrown.

It’s hard to say why System.Web.HttpContext.Current is null in this case without more information.

I suggest investigating why this property is null at the time of the call to SAMLIdentityProvider.SendSSO.

If there’s still an issue, you’re welcome to include a section of code demonstrating what you’re doing.

This is resolved. The problem was that the call I was making to retrieve the attributes to pass with the assertion was an async call, like this:

await GetAttributes().ConfigureAwait(false);

Using ConfigureAwait allows the asynchronous call to return in a different thread than the one it was called from. The HttpContext was stored in the initial thread, and missing from the one that came back.

Changing the method in which the call occurred to synchronous and modifying the call to GetAttributes().Wait() resolved the issue. The method call now returns in the same thread it was called from, and the HttpContext is present.

Thank you for your assistance.

That’s good to know. Thank you for sharing this information.