Hi
We developed an application for the client and once client try to login using IDP initiated SSO then error which comes is "The partner identity provider https://abc/saml/meta/1234" is not configured. We purchased ComponentSpace SAML v2.0 .NET (singe Developer).
We have partner idp in our web.config file as below:
https://companysandbox.xyz.com/trust/saml2/http-post/sso/1234" />
also we have saml.config which contains below configurations.
<ServiceProvider Name=https://company.com/
AssertionConsumerServiceUrl = "~/SAML/TestAssertionService"
LocalCertificateFile = "sp.pfx"
LocalCertificatePassword = "********"
/>
https://companysandbox.xyz.com/trust/saml2/http-post/sso/1234"
SignAuthnRequest = "false"
WantSAMLResponseSigned = "true"
WantAssertionSigned = "false"
WantAssertionEncrypted = "false"
SingleSignOnServiceUrl = "https://companysandbox.xyz.com/trust/saml2/http-post/sso/1234"
SingleLogoutServiceUrl = "https://companysandboc.xyz.com/SAML/SLOservice/"
PartnerCertificateFile = "sp.cer"
/>
Please let me know where I am wrong and what needs to be corrected? Quick response is appreciated as we lost several days in to this but still not resolved.
Thanks in advance.
The SAML response from an identity provider includes an issuer field identifying who sent the response.
We use the issuer field to lookup the correct in the saml.config.
If there’s no matching you’ll get the exception you are seeing.
In this case the issuer field is set to "<a href=“https://abc/saml/meta/1234".">https://abc/saml/meta/1234”.
The name is "<a href=“https://companysandbox.xyz.com/trust/saml2/http-post/sso/1234".">https://companysandbox.xyz.com/trust/saml2/http-post/sso/1234”.
I suggest changing the name to "<a href=“https://abc/saml/meta/1234".">https://abc/saml/meta/1234”.
You might also want to check with the partner identity provider to confirm which is the correct name.
Either way, the issuer field and name must match.
[quote]ComponentSpace - 3/29/2016
[/quote] Hello,
I have similar issue. I believe I have verified the Partner Identity Provider Name. We use database to save the dynamic configuration.
We are using Okta as IDP and our own app as SP. We picked up the Okta Identity Provider Issuer Name while setting up the IDP and set the same value in our PartnerIdentityProviderName field along with other Configuration flags.
We have similar site setup thru Okta with exact same scenario and it works fine there.
Please enable SAML trace and send the generated log file as an email attachment to support@componentspace.com mentioning your forum post.
https://www.componentspace.com/Forums/17/Enabing-SAML-Trace
Hi Team,
I am facing issue that partner identity provider not configured. I am new in this . we are getting saml response but when we call serviceprovider.receiveSSO method its through exception. Please help
This is a configuration issue. We match the issuer field in the SAML response to a Name in your SAML configuration. This is done so we can process the message. If there is no match, we throw the exception you’re seeing.
Please ensure exists with the name indicated in the exception message.
If there’s still an issue, please enable SAML trace and send the generated log file as an email attachment to support@componentspace.com mentioning your forum post.
https://www.componentspace.com/Forums/17/Enabing-SAML-Trace
Hi,
Yes the same identity provider name which we are using included the same IDP name in exception. one thing i want to verify that i am using a certificated which is included in metadata xml. i have just put that string of x509 certificate into idp configuration. Is that can be an issue or how should i use this certificate which included in xml metadata file.
Thanks,
Sunita
The partner certificate can be included as a file or base-64 string in the configuration.
For example:
<PartnerIdentityProvider
Name=“<a href=“https://ExampleIdentityProvider””>https://ExampleIdentityProvider"
Description=“Example Identity Provider”
SignAuthnRequest=“true”
SingleSignOnServiceUrl=“<a href=“https://localhost:44390/SAML/SSOService.aspx””>https://localhost:44390/SAML/SSOService.aspx"
SingleLogoutServiceUrl=“”>https://localhost:44390/SAML/SLOService.aspx">