我为现有的.net应用程序启用SSO。我使用的组件空间SAML 2.0组件作为服务提供者(SP)和ADFS 2.0作为身份提供者(IdP),我在不同的服务上配置了ADFS,SP在不同的服务器上。我启动了SP InitiateSSO,浏览器被重定向到IdP url并基于中继方url将其返回给SP。服务提供商ComponenetSpace身份提供商ADFS 2.0为in.Net应用程序启用SSO问题
当试图获得:
SAMLServiceProvider.ReceiveSSO(Request, out isInResponseTo, out partnerIdP, out userName, out attributes, out targetUrl);
它说: “合作伙伴身份提供未配置http://sp.com/adfs/services/trust”。
in fiddler我正在接听电话。
- /login.aspx?ReturnUrl=%2fDefault.aspx
- /ADFS/LS /?SAMLRequest = 7b0HYBxJliUmL23Ke39K9UrX4HShCIBgEyTYkEAQ7MGIzeaS7B1pRyMpqyqBymVWZV1mFkDM7Z28995777333nvvvfe6O51OJ%2FFF%2Fz9cZmQBbPbOStrJniGAqsgfP358Hz8iHjfZolw9Ol638%2BWr%2FBet86ZNz55%2B9tHvf%2F5gOr032d3bPp%2Fszbb3Z5%2FubR9MHxxs7%2BUP9mezncn93cnso%2FQn87opquVnH% 2B2Ndz5Kz5pmnZ8tmzZbtvTRzu697R1648GbnQeP9u892r0%2F3n9w8FMfpU%2Bpl2KZtfzmvG1Xj%2B7eLZZtnc2KfDGeVou72ey8uVs2dz9Kn1X1NGf0PvvoPCubHN28zJqmuMztJy%2Frqq2mVfmkWM6K5cVnH63r5aMqa4rm0TJb5M2jdvro9fEXzx8Rmo8m0qh59O03b15uv%2Fzy9ZuP0uOmyWvgc1Itm%2FUir1%2Fn9WUxzb969VwwbAjFWb6oxiGeAHp36OVx1qzefZS%2BW5TL5hHTeTNiKx3FR0c8K4%2BYnLX3%2FubXM4PGR0fDGD%2B%2B64E%2B0tl%2FQbDOnr6symJ6DYIvsna4q93xLn9SzLbPuemj9bJZ5dPivMiJI47Lsro6qfOspelp6zXNzt0j6TV ks6P%2FBw%3D%3D & SigAlg = HTTP%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-SHA1 &签名= rXOfg3K3D87RobofnuU5xXfBbYYIlHOeNf3IkOrLVekTycKWW7foBAKeBuatyyaCZwnmZMWJiMOGU87P4NOy0YXGdO3F5VhvZ9ZGLxK74GWrTOvWmvY%2Fa4z%2FrGRv6TkNRRMdy6rZS5sBn%2B1aQx0bzlPwAMwaCVbIU%2FQxTJa4zok%3D
- /ADFS/LS/AUTH /集成的/?SAMLRequest = 7b0HYBxJliUmL23Ke39K9UrX4HShCIBgEyTYkEAQ7MGIzeaS7B1pRyMpqyqBymVWZV1mFkDM7Z28995777333nvvvfe6O51OJ%2FFF%2Fz9cZmQBbPbOStrJniGAqsgfP358Hz8iHjfZolw9Ol638%2BWr%2FBet86ZNz55%2B9tHvf%2F5gOr032d3bPp%2Fszbb3Z5%2FubR9MHxxs7%2BUP9mezncn93cnso%2FQn87opquVnH%2B2Ndz5Kz5pmnZ8tmzZbtvTRzu697R1648GbnQeP9u892r0%2F3n9w8FMfpU%2Bpl2KZtfzmvG1Xj%2B7eLZZtnc2KfDGeVou72ey8uVs2dz9Kn1X1NGf0PvvoPCubHN28zJqmuMztJy%2Frqq2mVfmkWM6K5cVnH63r5aMqa4rm0TJb5M2jdvro9fEXzx8Rmo8m0qh59O03b15uv%2Fzy9ZuP0uOmyWvgc1Itm%2FUir1%2Fn9WUxzb969VwwbAjFWb6oxiGeAHp36OVx1qzefZS%2BW5TL5hHTe TNiKx3FR0c8K4%2BYnLX3%2FubXM4PGR0fDGD%2B%2B64E%2B0tl%2FQbDOnr6symJ6DYIvsna4q93xLn9SzLbPuemj9bJZ5dPivMiJI47Lsro6qfOspelp6zXNzt0j6TVks6P%2FBw%3D%3D & SigAlg = HTTP%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-SHA1 &签名= rXOfg3K3D87RobofnuU5xXfBbYYIlHOeNf3IkOrLVekTycKWW7foBAKeBuatyyaCZwnmZMWJiMOGU87P4NOy0YXGdO3F5VhvZ9ZGLxK74GWrTOvWmvY%2Fa4z% 2FrGRv6TkNRRMdy6rZS5sBn%2B1aQx0bzlPwAMwaCVbIU%2FQxTJa4zok%3D
- /SAML/AssertionConsumerService.aspx
堆栈跟踪
[SAMLException: The partner identity provider http:// sp.com/adfs/services/trust is not configured.]
ComponentSpace.SAML2.Configuration.SAMLConfiguration.GetPartnerIdentityProvider(String name) in c:\Sandboxes\ComponentSpace\SAMLv20\Library\Configuration\SAMLConfiguration.cs:245
ComponentSpace.SAML2.SAMLServiceProvider.ReceiveSSO(HttpRequest httpRequest, Boolean& isInResponseTo, String& partnerIdP, String& userName, SAMLAttribute[]& attributes, String& relayState) in c:\Sandboxes\ComponentSpace\SAMLv20\Library\SAMLServiceProvider.cs:664
ComponentSpace.SAML2.SAMLServiceProvider.ReceiveSSO(HttpRequest httpRequest, Boolean& isInResponseTo, String& partnerIdP, String& userName, IDictionary`2& attributes, String& relayState) in c:\Sandboxes\ComponentSpace\SAMLv20\Library\SAMLServiceProvider.cs:637
ExampleServiceProvider.SAML.AssertionConsumerService.Page_Load(Object sender, EventArgs e) in C:\Program Files (x86)\ComponentSpace SAML v2.0 for .NET\Examples\SSO\HighLevelAPI\WebForms\ExampleServiceProvider\SAML\AssertionConsumerService.aspx.cs:28
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +42
System.Web.UI.Control.OnLoad(EventArgs e) +132
System.Web.UI.Control.LoadRecursive() +66
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +2428
ADFS CONFI guration是:
<PartnerIdentityProvider Name="https://sp.com/adfs/services/trust"
SignAuthnRequest="true"
WantSAMLResponseSigned="false"
WantAssertionSigned="false"
WantAssertionEncrypted="false"
UseEmbeddedCertificate="true"
SingleSignOnServiceUrl="http://sp.com/adfs/ls/"/ >
服务提供商的配置如:
<SAMLConfiguration xmlns="urn:componentspace:SAML:2.0:configuration">
<ServiceProvider Name="https://demo.sp.com"
AssertionConsumerServiceUrl="~/SAML/AssertionConsumerService.aspx"
CertificateFile="sp.pfx"
CertificatePassword="password" />
错误,我在我得到:
Server Error in '/' Application.
The partner identity provider http:// sp.com/adfs/services/trust is not configured. Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: ComponentSpace.SAML2.Exceptions.SAMLException: The partner identity provider http:// sp.com/adfs/services/trust is not configured.