Sustainsys / Saml2

Saml2 Authentication services for ASP.NET

ID3061: The given element ('AudienceRestriction','urn:oasis:names:tc:SAML:2.0:assertion') is empty. #622

Closed piermorosini closed 7 years ago

piermorosini commented 7 years ago

Hi, sometimes (not always) I receive this error.

After refreshing the web page, everything works fine.

Thanks for help. Greetings Pierluigi


```
[XmlException: ID3061: The given element ('AudienceRestriction','urn:oasis:names:tc:SAML:2.0:assertion') is empty.]
   System.IdentityModel.Tokens.Saml2SecurityTokenHandler.ReadAudienceRestriction(XmlReader reader) +497
   System.IdentityModel.Tokens.Saml2SecurityTokenHandler.ReadConditions(XmlReader reader) +1451
   System.IdentityModel.Tokens.Saml2SecurityTokenHandler.ReadAssertion(XmlReader reader) +1835
   System.IdentityModel.Tokens.Saml2SecurityTokenHandler.ReadToken(XmlReader reader) +54
   Kentor.AuthServices.Saml2P.d__53.MoveNext() +324
   System.Collections.Generic.List1..ctor(IEnumerable1 collection) +275
   System.Linq.Enumerable.ToList(IEnumerable`1 source) +58
   Kentor.AuthServices.Saml2P.Saml2Response.GetClaims(IOptions options) +90
   Kentor.AuthServices.WebSso.AcsCommand.ProcessResponse(IOptions options, Saml2Response samlResponse, StoredRequestState storedRequestState) +38
   Kentor.AuthServices.WebSso.AcsCommand.Run(HttpRequestData request, IOptions options) +183

[BadFormatSamlResponseException: The SAML response contains incorrect XML]
   Kentor.AuthServices.WebSso.AcsCommand.Run(HttpRequestData request, IOptions options) +389
   Kentor.AuthServices.Mvc.AuthServicesController.Acs() +54
   lambda_method(Closure , ControllerBase , Object[] ) +62
   System.Web.Mvc.ActionMethodDispatcher.Execute(ControllerBase controller, Object[] parameters) +14
   System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary2 parameters) +157
   System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary2 parameters) +27
   System.Web.Mvc.Async.AsyncControllerActionInvoker.b39(IAsyncResult asyncResult, ActionInvocation innerInvokeState) +22
   System.Web.Mvc.Async.WrappedAsyncResult2.CallEndDelegate(IAsyncResult asyncResult) +29
   System.Web.Mvc.Async.WrappedAsyncResultBase1.End() +49
   System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethod(IAsyncResult asyncResult) +34
   System.Web.Mvc.Async.AsyncInvocationWithFilters.b3d() +50
   System.Web.Mvc.Async.<>cDisplayClass46.b3f() +225
   System.Web.Mvc.Async.<>cDisplayClass33.b32(IAsyncResult asyncResult) +10
   System.Web.Mvc.Async.WrappedAsyncResult1.CallEndDelegate(IAsyncResult asyncResult) +10
   System.Web.Mvc.Async.WrappedAsyncResultBase1.End() +49
   System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethodWithFilters(IAsyncResult asyncResult) +34
   System.Web.Mvc.Async.<>cDisplayClass2b.b1c() +26
   System.Web.Mvc.Async.<>cDisplayClass21.b1e(IAsyncResult asyncResult) +100
   System.Web.Mvc.Async.WrappedAsyncResult1.CallEndDelegate(IAsyncResult asyncResult) +10
   System.Web.Mvc.Async.WrappedAsyncResultBase1.End() +49
   System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeAction(IAsyncResult asyncResult) +27
   System.Web.Mvc.Controller.b1d(IAsyncResult asyncResult, ExecuteCoreState innerState) +13
   System.Web.Mvc.Async.WrappedAsyncVoid1.CallEndDelegate(IAsyncResult asyncResult) +29
   System.Web.Mvc.Async.WrappedAsyncResultBase1.End() +49
   System.Web.Mvc.Controller.EndExecuteCore(IAsyncResult asyncResult) +38
   System.Web.Mvc.Controller.b15(IAsyncResult asyncResult, Controller controller) +12
   System.Web.Mvc.Async.WrappedAsyncVoid1.CallEndDelegate(IAsyncResult asyncResult) +22
   System.Web.Mvc.Async.WrappedAsyncResultBase1.End() +49
   System.Web.Mvc.Controller.EndExecute(IAsyncResult asyncResult) +28
   System.Web.Mvc.Controller.System.Web.Mvc.Async.IAsyncController.EndExecute(IAsyncResult asyncResult) +10
   System.Web.Mvc.MvcHandler.b__5(IAsyncResult asyncResult, ProcessRequestState innerState) +21
   System.Web.Mvc.Async.WrappedAsyncVoid1.CallEndDelegate(IAsyncResult asyncResult) +29
   System.Web.Mvc.Async.WrappedAsyncResultBase1.End() +49
   System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult) +28
   System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result) +9
   System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +9765121
   System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +155
```

albinsunnanbo commented 7 years ago

It looks like the IDP sends invalid SAML2-data. Check the troubleshooting section on https://github.com/KentorIT/authservices on how to log your SAML2 messages.

You can also find the failing SAML2 data on the exception: `var unpackedResponse = exception.Data["Saml2Response"] as string;`. Check the failing Saml2Response and report it as a bug to your IDP if it does not conform to the SAML2 specification.
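
One way to inspect the XML taken from `exception.Data["Saml2Response"]` for the condition the error names, as an added example (not code from this thread or from Kentor.AuthServices). The class and method names are hypothetical, the sample response is constructed, and a restriction with no `Audience` child is assumed to be what the parser reports as empty.

```csharp
// Added example, not Kentor.AuthServices code. Flags the condition behind ID3061:
// an <AudienceRestriction> in the SAML2 assertion namespace with no <Audience> child.
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Xml;
using System.Xml.Linq;

public static class AudienceRestrictionCheck
{
    static readonly XNamespace Saml = "urn:oasis:names:tc:SAML:2.0:assertion";

    // Returns the ID of every assertion that carries an empty AudienceRestriction.
    public static List<string> FindEmptyRestrictions(string responseXml)
    {
        // The response arrives from the network: forbid DTDs and external resolution.
        var settings = new XmlReaderSettings
        {
            DtdProcessing = DtdProcessing.Prohibit,
            XmlResolver = null
        };
        using (var reader = XmlReader.Create(new StringReader(responseXml), settings))
        {
            var doc = XDocument.Load(reader);
            return doc.Descendants(Saml + "AudienceRestriction")
                .Where(r => !r.Elements(Saml + "Audience").Any())
                .Select(r => (string)r.Ancestors(Saml + "Assertion")
                                 .FirstOrDefault()?.Attribute("ID") ?? "(no assertion ID)")
                .ToList();
        }
    }

    public static void Main()
    {
        // Constructed sample, not a captured IdP message.
        const string sample =
            "<samlp:Response xmlns:samlp='urn:oasis:names:tc:SAML:2.0:protocol' " +
            "xmlns:saml='urn:oasis:names:tc:SAML:2.0:assertion'>" +
            "<saml:Assertion ID='_constructed1'><saml:Conditions>" +
            "<saml:AudienceRestriction/></saml:Conditions></saml:Assertion>" +
            "</samlp:Response>";
        foreach (var id in FindEmptyRestrictions(sample))
            Console.WriteLine("Empty AudienceRestriction in assertion " + id);
    }
}
```

The check only sees plaintext assertions; an `EncryptedAssertion` has to be decrypted before its conditions can be inspected.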

piermorosini commented 7 years ago

Thanks for help. Pierluigi