I’m working with the ComponentSpace examples for ASP.NET. I’ve successfully configured and tested the SSO flow against an external IdP. However - when I click the “Logout”-button in the SP-example, I get the following:
I can’t quite figure out what is making ComponentSpace throw this exception. Has anyone experienced this?
Is it because the IdP is sending back something unexpected perhaps? “An error logout response status was received” could sound a bit like an IdP issue?
Any input would be greatly apreciated.
A SAMLErrorStatusException is thrown if a SAML response with an error status is received. The “status:Responder” is a generic error status meaning that the responder (ie partner provider sending the SAML response) detected some sort of error.
The partner provider would have to look at their internal logs to see what caused them to send the responder error status.
It’s difficult to know what the issue is without more information. However, it’s most likely some sort of configuration mismatch. For example, your app might be sending an unsigned logout request but the partner provider is expecting it to be signed.
If there’s still an issue, you’re welcome to enable SAML trace and send the log file as an email attachment to support@componentspace.com mentioning your forum post. Make sure to include the successful SSO as well as the failing SLO.
https://www.componentspace.com/Forums/17/Enabing-SAML-Trace