Hey guys, I am evaluating the SAML2 SSO component for use with our .NET web application, and I am running into a strange issue.
We have built a RESTful WCF Web Service to integrate with our partner IDP, and we are acting as SP. The portion of the service that sends the SSO request works just fine. It hits the IDP page, the response is then generated, and is sent back to the service method that handles assertions (i.e. SAMLServiceProvider.ReceiveSSO). This is where the problem is. Basically, every time I try to process the SSO assertion from the IDP, the app just goes blank. No exception thrown, nothing.
Here is our code:
    Public Sub procAssert(ByVal category As String, ByVal idp As String) Implements ISSOService.procAssert
        Dim isInResponseTo As Boolean
        Dim partnerIDP As String = Nothing
        Dim idpUserName As String = Nothing
        Dim attributes() As SAMLAttribute = Nothing
        Dim relay As String = Nothing
        Dim baseUrl As String = ApplicationEnvironment.GetEnvironment(Nothing, Nothing)
        Dim request = HttpContext.Current.Request
        WebOperationContext.Current.OutgoingResponse.StatusCode = HttpStatusCode.Redirect
        Try
            partnerIDP = configureIDP(idp)
            SAMLServiceProvider.ReceiveSSO(request, isInResponseTo, partnerIDP, idpUserName, attributes, relay)
The last line above is where everything stops, but no exception is thrown when debugging. Before, we had an exception about the SAMLResponse variable not being found in the Request; however, after fixing it, I have inspected web traffic with Fiddler, and I can see that the SAMLResponse variable is being passed as expected. I know that it’s a shot in the dark, but any ideas what might be causing this issue?
Thanks for any help that you can provide.
- Joe
I have also tried a low-level API with “receive sso by http post”, but am having the exact same issue. Everything just stops when it gets to that line, with no exceptions thrown.
Hi Joe
Could you please enable SAML trace and send the generated log file to support@componentspace.com?
http://www.componentspace.com/Forums/17/Enabing-SAML-Trace
It does seem odd if this method isn’t returning. SAMLServiceProvider.ReceiveSSO calls the low-level SAML API to receive the SAML response contained in the HTTP Post request.
The trace should be able to shed more light on the issue.
Thanks.
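A way to check offline what the SP actually received in the HTTP POST mentioned above, as an added example that is not part of any post in this thread and not ComponentSpace code. It only inspects the SAMLResponse form field copied from a Fiddler capture and does not verify signatures; the function name, hostnames and sample message are constructed for illustration.

```python
import base64
import urllib.parse
import xml.etree.ElementTree as ET

NS = {
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}

def inspect_post_body(body):
    """Summarise the SAMLResponse field of a captured HTTP-POST binding body."""
    form = urllib.parse.parse_qs(body, keep_blank_values=True)
    if "SAMLResponse" not in form:
        raise ValueError("no SAMLResponse form field in body")
    # validate=True fails on '+' turned into spaces by a bad form encoding.
    raw = base64.b64decode(form["SAMLResponse"][0], validate=True)
    # Captured input is untrusted: refuse DTDs so entities cannot be expanded.
    if b"<!DOCTYPE" in raw or b"<!ENTITY" in raw:
        raise ValueError("DTD/entity declarations are not allowed here")
    root = ET.fromstring(raw)
    if root.tag != "{%s}Response" % NS["samlp"]:
        raise ValueError("root element is not samlp:Response")
    status = root.find("samlp:Status/samlp:StatusCode", NS)
    issuer = root.find("saml:Issuer", NS)
    return {
        "issuer": issuer.text.strip() if issuer is not None and issuer.text else None,
        "destination": root.get("Destination"),
        "in_response_to": root.get("InResponseTo"),
        "status": status.get("Value") if status is not None else None,
        "assertions": len(root.findall("saml:Assertion", NS)),
        "encrypted_assertions": len(root.findall("saml:EncryptedAssertion", NS)),
        "signed": root.find(".//ds:Signature", NS) is not None,
        "relay_state": form.get("RelayState", [None])[0],
    }

# Constructed sample message (unsigned), standing in for a captured POST body.
SAMPLE_XML = (
    '<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" '
    'xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_r1" Version="2.0" '
    'InResponseTo="_req1" Destination="https://sp.example.test/acs">'
    '<saml:Issuer>https://idp.example.test</saml:Issuer><samlp:Status>'
    '<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>'
    '</samlp:Status><saml:Assertion ID="_a1" Version="2.0"/></samlp:Response>'
)
SAMPLE_BODY = urllib.parse.urlencode({
    "SAMLResponse": base64.b64encode(SAMPLE_XML.encode()).decode(),
    "RelayState": "/home"})

if __name__ == "__main__":
    print(inspect_post_body(SAMPLE_BODY))
```

A Destination that does not match the assertion consumer URL, a non-Success status, or a field that fails to decode at all narrows down where the SP-side processing is going wrong before the trace log is available.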
I am also having the same issue. I am evaluating your package for the SAML/SSO feature with our ASP.NET 4.x WebForms application.
I am using your Identity provider example as is with some URL changes for the Service Provider. I have merged your Service provider example into my existing application. The IDP is correctly invoking the AssertionConsumerService.aspx page, but it stops at the ReceiveSSO method:
    Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs)
        Dim isInResponseTo As Boolean = False
        Dim partnerIdP As String = Nothing
        Dim authnContext As String = Nothing
        Dim userName As String = Nothing
        Dim attributes As IDictionary(Of String, String) = Nothing
        Dim targetUrl As String = Nothing
        SAMLServiceProvider.ReceiveSSO(Request, isInResponseTo, partnerIdP, authnContext, userName, attributes, targetUrl)
        If targetUrl Is Nothing Then
            targetUrl = "~/"
        End If
        FormsAuthentication.SetAuthCookie(userName, False)
        Session(AttributesSessionKey) = attributes
        Response.Redirect(targetUrl, False)
    End Sub
I saw how to turn on tracing in another post and did so in my Server Provider app, but no log file was created. Any assistance would be appreciated.
Please ensure file permissions are set correctly for the trace.
https://www.componentspace.com/Forums/17/Enabing-SAML-Trace
Does SAMLServiceProvider.ReceiveSSO return?
It should either return without error or throw an exception.
Is the Request object the standard System.Web.HttpRequest?