We have our service provider site hosted on F5 load balanced environment with SSL offloading. So, whenever its a SP initiated request, the ACS is being passed as http instead of https although I have configured it to be https in the saml.config file in the idp.
Now the F5 automatically converts this http POST to a https POST and I see the error “The message is not an HTTP POST”
The idp originated request however successfully passes to the https ACS and creates a session on the SP.
Please let me know where i am going wrong.
I’m not sure if I follow exactly what is occurring.
However, if an extraneous HTTP Get etc is being received you can check for this in your code and only call the SAML API if it’s an HTTP Post.
For example:
if (Request.HttpMethod == “POST”) {
// Call the SAML API.
}
If there’s still an issue, please enable SAML trace and send the generated log file as an email attachment to support@componentspace.com mentioning this topic.
We have the same problem, did you solve the problem?
The SAML response must be sent in an HTTP Post. If an HTTP Get etc is received, we throw this exception.
I suggest using the browser developer tools (F12) to capture the network traffic to follow the SAML SSO flow. There should be an HTTP Post to your assertion consumer service endpoint.
If there’s still an issue, please enable SAML trace and send the generated log file as an email attachment to support@componentspace.com mentioning your forum post.
https://www.componentspace.com/Forums/17/Enabing-SAML-Trace
Sorry, It was a problem from our side, not related to componentspace.
No worries. Thanks for the update.