Closed AlexAlexGoTO closed 2 years ago
The path is case sensitive, the correct one is https://my-site/Saml2/Acs.
Thanks, I'll try tomorrow and give you feedback :)
My Azure
My .NET
My .NET Controller
My error
Still the same error :(
Looks like Azure sees Acs as http when I make a request... So maybe something is wrong with the configuration. I'll continue investigating it.
I removed RedirectUri and ReturnUrl, changed the Acs URL to the right one in Azure, and now I don't have that error. But now I have another one from the library: No Idp with entity id "https://sts.windows.net/xxxxxxxxxxxx/" found
This exception was originally thrown at this call stack: System.ThrowHelper.ThrowKeyNotFoundException() Sustainsys.Saml2.Configuration.IdentityProviderDictionary.this[Sustainsys.Saml2.Metadata.EntityId].get(Sustainsys.Saml2.Metadata.EntityId)
If I try to set LoadMetadata = true, I get: Unexpected entity id "https://sts.windows.net/xxxxxxx-xxxxx-xxxxx-xxxx-xxxxx/" found when loading metadata for "https://login.microsoftonline.com/xxxxxxx-xxxxx-xxxxx-xxxx-xxxxx/federationmetadata/2007-06/federationmetadata.xml?appid=xxxxxxx-xxxxx-xxxxx-xxxx-xxxxx".
The Idp EntityId you've configured is obviously wrong. The one from the logs is the one received in metadata and in the actual SAML2 message. I really hope that those have the same value - if not, your configuration is really messed up.
Thanks, I'll continue the investigation and write something here later, when I understand what is going on...
I reconfigured my Idp to
So now it's okay. But I got another error :D
Sustainsys.Saml2.Exceptions.UnexpectedInResponseToException: 'Received message _a9f67e1a-e36a-21db-983a-fe3158a68bb7 contains unexpected InResponseTo "id65d1afd2c4c8475dad418fa990dbe254". No cookie preserving state from the request was found so the message was not expected to have an InResponseTo attribute. This error typically occurs if the cookie set when doing SP-initiated sign on have been lost.'
Please keep each issue to one subject, I'm closing this.
You might want to look at #666.
Hi,
I'm using Sustainsys.Saml2.Owin 2.9.0
I created an application in Azure and now I'm trying to log in with your library, but I'm getting an error
AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: 'https://my-site/saml2'.
Here is my configuration
When it makes a request to Azure sign-in, I don't see any redirect URL in the request string, so I can't even understand what I should add to the Azure reply URLs.
I decided that it should be the Assertion endpoint, so I'm using 'https://my-site/saml2/Acs', but it doesn't work.
Can someone help me understand what reply URL I should use or where I can check it?
I found a similar issue here: https://github.com/Sustainsys/Saml2/issues/1264
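The two mismatches diagnosed in this thread (the configured Idp EntityId versus the entityID the metadata declares, and the case-sensitive Acs path versus the registered reply URL) can be checked before a login attempt. The following is an added example, not code from the thread or from Sustainsys.Saml2; the function names, the placeholder tenant id and the sample metadata are constructed for illustration.

```python
import xml.etree.ElementTree as ET

MD_NS = "urn:oasis:names:tc:SAML:2.0:metadata"
TENANT = "00000000-0000-0000-0000-000000000000"  # placeholder, not a real tenant

# Constructed sample: a trimmed IdP metadata document.
SAMPLE_METADATA = f"""<EntityDescriptor xmlns="{MD_NS}"
    entityID="https://sts.windows.net/{TENANT}/">
  <IDPSSODescriptor
      protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
</EntityDescriptor>"""


def metadata_entity_id(metadata_xml):
    """Return the entityID declared on the root EntityDescriptor."""
    # SAML metadata never needs a DTD; refuse it instead of expanding entities.
    if "<!DOCTYPE" in metadata_xml.upper():
        raise ValueError("DOCTYPE not allowed in SAML metadata")
    root = ET.fromstring(metadata_xml)
    if root.tag != f"{{{MD_NS}}}EntityDescriptor":
        raise ValueError(f"unexpected root element {root.tag}")
    entity_id = root.get("entityID")
    if not entity_id:
        raise ValueError("EntityDescriptor has no entityID attribute")
    return entity_id


def preflight(configured_entity_id, metadata_xml, acs_url, reply_urls):
    """Return a list of findings; an empty list means both values line up."""
    findings = []
    declared = metadata_entity_id(metadata_xml)
    # Entity ids are opaque identifiers: compare exactly, no normalisation.
    if configured_entity_id != declared:
        findings.append(
            f"Idp EntityId mismatch: configured {configured_entity_id!r}, "
            f"metadata declares {declared!r}")
    # Exact match, following the thread's point that the path is case sensitive.
    if acs_url not in reply_urls:
        near = [u for u in reply_urls if u.lower() == acs_url.lower()]
        hint = f" (differs only by case from {near[0]!r})" if near else ""
        findings.append(f"Acs URL {acs_url!r} is not a registered reply URL{hint}")
    return findings


if __name__ == "__main__":
    # Reproduces both problems from the thread with constructed values.
    for line in preflight(
            f"https://login.microsoftonline.com/{TENANT}/", SAMPLE_METADATA,
            "https://my-site/Saml2/Acs", ["https://my-site/saml2/Acs"]):
        print(line)
```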