Sustainsys / Saml2

Saml2 Authentication services for ASP.NET

In netFramework I cannot use HttpRedirect as binding protocol #1391

Closed ransht closed 1 year ago

ransht commented 1 year ago

Security issues

I get this error: Unknown Saml2 Binding Type "HttpRedirect". Call stack:

        at Sustainsys.Saml2.WebSso.Saml2Binding.Saml2BindingTypeToUri(Saml2BindingType type)
        at Sustainsys.Saml2.Saml2P.Saml2AuthenticationRequest.ToXElement()
        at Sustainsys.Saml2.Saml2P.Saml2AuthenticationRequest.ToXml()
        at TenBisWebApplication.Utils.SamlUtils.GetIdentityProviderRedirectUrl(Int32 companyID) in C:\Users\rans\source\repos\TenbisWebApplication\TenBisWebApplication\Utils\SamlUtils.cs:line 90

NuGet package: Sustainsys.Saml2 v 2.9.0, project .NET Framework 4.8

This line causes the error:

        authRequest.Binding = Sustainsys.Saml2.WebSso.Saml2BindingType.HttpRedirect;

It looks like the source code is different in .NET 5/6.

This is the code in .NET 5/6 (it looks like it will not throw an error):

        private readonly static IDictionary<Uri, Saml2BindingType> bindingTypeMap = new Dictionary<Uri, Saml2BindingType>()
        {
            { HttpRedirectUri, Saml2BindingType.HttpRedirect },
            { HttpPostUri, Saml2BindingType.HttpPost }
        };

But here is the decompiled code in .NET Framework:

        private static readonly IDictionary<Saml2BindingType, Uri> bindingUriMap = new Dictionary<Saml2BindingType, Uri>
        {
            {
                Saml2BindingType.HttpPost,
                HttpPostUri
            },
            {
                Saml2BindingType.Artifact,
                HttpArtifactUri
            }
        };

thanks

AndersAbel commented 1 year ago

I assume this is not a security issue?

AndersAbel commented 1 year ago

bindingUriMap and bindingTypeMap are two different variables.

The Binding property on AuthnRequest is the desired binding when the IdP responds, and HTTP Redirect is not a supported value for that. The reason is simply that the full SAML response with an assertion is too large to carry in a query string; it needs to be either POSTed or sent via back-channel with Artifact.
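An added example (my own code, not from Sustainsys.Saml2) that models the distinction made in the answer above: the AuthnRequest itself can travel to the IdP over HTTP-Redirect, but the value that ends up in the request's ProtocolBinding attribute names the binding the IdP must use for its Response, so only HTTP-POST and HTTP-Artifact are accepted there, and HttpRedirect is rejected with an explanation instead of an "Unknown Saml2 Binding Type" error. The binding URIs are the standard SAML 2.0 ones; the enum, class, method names and example.com URLs are assumptions for the illustration, and the redirect request is not signed.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.IO.Compression;
using System.Text;
using System.Xml.Linq;

// Added example, not Sustainsys.Saml2 code. ProtocolBinding (the binding the IdP
// must use for its Response) may only be HTTP-POST or HTTP-Artifact; the request
// itself may still be delivered by HTTP-Redirect. Names below are hypothetical.
public enum ResponseBindingType { HttpRedirect, HttpPost, Artifact }

public static class AuthnRequestDemo
{
    static readonly XNamespace Samlp = "urn:oasis:names:tc:SAML:2.0:protocol";
    static readonly XNamespace Saml = "urn:oasis:names:tc:SAML:2.0:assertion";

    // Only bindings that can carry a full signed Response. HttpRedirect is
    // deliberately absent, like bindingUriMap in the decompiled code above.
    static readonly IDictionary<ResponseBindingType, Uri> ResponseBindingUris =
        new Dictionary<ResponseBindingType, Uri>
        {
            { ResponseBindingType.HttpPost, new Uri("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST") },
            { ResponseBindingType.Artifact, new Uri("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact") }
        };

    // Maps a requested response binding to its URI, or explains why it is rejected.
    public static Uri ToProtocolBindingUri(ResponseBindingType binding)
    {
        if (ResponseBindingUris.TryGetValue(binding, out var uri))
        {
            return uri;
        }
        throw new ArgumentException(binding + " cannot be the response binding: a signed SAML "
            + "Response does not fit in a query string. Use HttpPost or Artifact.", nameof(binding));
    }

    // Builds a minimal AuthnRequest. responseBinding == null omits ProtocolBinding
    // and leaves the choice to the IdP's defaults.
    public static XElement BuildAuthnRequest(
        string issuer, Uri destination, Uri assertionConsumerServiceUrl, ResponseBindingType? responseBinding)
    {
        var request = new XElement(Samlp + "AuthnRequest",
            new XAttribute(XNamespace.Xmlns + "samlp", Samlp),
            new XAttribute(XNamespace.Xmlns + "saml", Saml),
            new XAttribute("ID", "_" + Guid.NewGuid().ToString("N")), // xs:ID must not start with a digit
            new XAttribute("Version", "2.0"),
            new XAttribute("IssueInstant", DateTime.UtcNow.ToString("o")),
            new XAttribute("Destination", destination),
            new XAttribute("AssertionConsumerServiceURL", assertionConsumerServiceUrl),
            new XElement(Saml + "Issuer", issuer));

        if (responseBinding.HasValue)
        {
            request.Add(new XAttribute("ProtocolBinding", ToProtocolBindingUri(responseBinding.Value)));
        }
        return request;
    }

    // Delivers the request itself via HTTP-Redirect: DEFLATE, base64, URL-encode
    // into the SAMLRequest query parameter. Signing (SigAlg/Signature) is not shown.
    public static Uri EncodeForHttpRedirect(Uri destination, XElement request)
    {
        byte[] raw = Encoding.UTF8.GetBytes(request.ToString(SaveOptions.DisableFormatting));
        using (var buffer = new MemoryStream())
        {
            using (var deflate = new DeflateStream(buffer, CompressionLevel.Optimal, leaveOpen: true))
            {
                deflate.Write(raw, 0, raw.Length);
            }
            string samlRequest = Uri.EscapeDataString(Convert.ToBase64String(buffer.ToArray()));
            return new Uri(destination.AbsoluteUri + "?SAMLRequest=" + samlRequest);
        }
    }

    public static void Main()
    {
        var issuer = "https://sp.example.com/Saml2";           // constructed sample values
        var idpSso = new Uri("https://idp.example.com/sso");
        var acs = new Uri("https://sp.example.com/Saml2/Acs");

        // Correct: request goes out over HTTP-Redirect, Response comes back by HTTP-POST.
        var request = BuildAuthnRequest(issuer, idpSso, acs, ResponseBindingType.HttpPost);
        Console.WriteLine(request);
        Console.WriteLine(EncodeForHttpRedirect(idpSso, request));

        // The configuration from the issue: rejected with an explanation.
        try
        {
            BuildAuthnRequest(issuer, idpSso, acs, ResponseBindingType.HttpRedirect);
        }
        catch (ArgumentException e)
        {
            Console.WriteLine("Rejected: " + e.Message);
        }
    }
}
```

The file compiles as a console project on .NET Framework 4.8 or .NET 6 and runs stand-alone. The second BuildAuthnRequest call reproduces the setting from the issue; a guard like ToProtocolBindingUri is where SP code that reads the binding from per-tenant configuration (the companyID lookup in the stack trace) should validate it, so a misconfigured tenant fails with a clear message rather than an exception deep inside ToXml().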