No SAML message query string parameter in HTTP Redirect
As an SP, When I am calling the SAMLServiceProvider.ReceiveSLO(Request, isRequest, logoutReason, partnerIdP, Nothing) I am getting the following exception. What could be the problem?
No SAML message query string parameter in HTTP Redirect
No SAML message query string parameter in HTTP Redirect
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: ComponentSpace.SAML2.Exceptions.SAMLBindingException: No SAML message query string parameter in HTTP Redirect
This means that the SAMLRequest or SAMLResponse query string parameter is missing. It’s possible that a simple redirect to your page is occurring rather than a SAML logout message being sent. I suggest capturing the HTTP traffic using Fiddler etc to confirm. If this is the case, confirm that the partner provider supports SAML logout as not everyone does.
This means that the SAMLRequest or SAMLResponse query string parameter is missing. It's possible that a simple redirect to your page is occurring rather than a SAML logout message being sent. I suggest capturing the HTTP traffic using Fiddler etc to confirm. If this is the case, confirm that the partner provider supports SAML logout as not everyone does.
[/quote]
Thank you for your support. I am new to SAML. The sequence of my Logout page is as follows:
Basically that’s correct but the call to SAMLServiceProvider.SendSLO is only required if SAMLServiceProvider.ReceiveSLO received a request. So, for SP-initiated SLO the sequence is:
// Create and send a SAML logout request. SAMLServiceProvider.InitiateSLO(Response, logoutReason, partnerIdP)
// Receive and process the SAML logout response. SAMLServiceProvider.ReceiveSLO(Request, isRequest, logoutReason, partnerIdP, Nothing)
For IdP-initiated SLO the sequence is:
// Receive and process the SAML logout request. SAMLServiceProvider.ReceiveSLO(Request, isRequest, logoutReason, partnerIdP, Nothing)
// Create and send the logout response. SAMLServiceProvider.SendSLO(Response, Nothing)
I suggest taking a look at the ExampleServiceProvider project under the Examples\SSO\HighLevelAPI\WebForms folder which demonstrates supporting both SAML logout flows.