We have created an SP using the Middleware approach with the licensed SAML component in ASP.NET Core 2.1.
The IdP on our partner's side is PingFederate. Everything works like a charm when people use valid credentials.
However, under certain circumstances the IdP server will return the following response:
...<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder"><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:AuthnFailed" /></samlp:StatusCode>...
Currently a SamlErrorStatusException is thrown, finally resulting in a 500 Internal Error response. Since a failed authentication is not an exceptional condition, we would like to return a 401 Unauthorized instead. This reflects what actually happened.
Using the existing documentation we could not discover how to implement this. Any help or example is appreciated.
Kind regards, Fred
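An added example, not part of the original post and not the SAML component's own API: it reads the nested status codes from a response like the one quoted above and maps `AuthnFailed` to 401 while other errors remain 500. The names `SamlStatusMapper` and `ToHttpStatus` are hypothetical, and the sample response is constructed from the fragment in the post.

```csharp
using System;
using System.IO;
using System.Xml;
using System.Xml.Linq;

public static class SamlStatusMapper   // hypothetical helper, not a library type
{
    static readonly XNamespace Samlp = "urn:oasis:names:tc:SAML:2.0:protocol";
    const string Prefix = "urn:oasis:names:tc:SAML:2.0:status:";

    // Returns the HTTP status code the SP could answer with for a SAML response.
    public static int ToHttpStatus(string responseXml)
    {
        // The XML arrives from outside: refuse DTDs and external resolution.
        var settings = new XmlReaderSettings
        {
            DtdProcessing = DtdProcessing.Prohibit,
            XmlResolver = null
        };
        XDocument doc;
        using (var reader = XmlReader.Create(new StringReader(responseXml), settings))
            doc = XDocument.Load(reader);

        // The top-level code is the direct child of <samlp:Status>;
        // the second-level code is nested inside it.
        var top = doc.Root?.Element(Samlp + "Status")?.Element(Samlp + "StatusCode");
        var topValue = (string)top?.Attribute("Value");
        var subValue = (string)top?.Element(Samlp + "StatusCode")?.Attribute("Value");

        if (topValue == Prefix + "Success") return 200;    // continue normal sign-in
        if (subValue == Prefix + "AuthnFailed") return 401; // expected outcome, not a fault
        return 500;                                         // missing status or other error
    }

    public static void Main()
    {
        // Constructed sample modelled on the fragment in the post.
        const string sample = @"<samlp:Response xmlns:samlp=""urn:oasis:names:tc:SAML:2.0:protocol"">
  <samlp:Status>
    <samlp:StatusCode Value=""urn:oasis:names:tc:SAML:2.0:status:Responder"">
      <samlp:StatusCode Value=""urn:oasis:names:tc:SAML:2.0:status:AuthnFailed"" />
    </samlp:StatusCode>
  </samlp:Status>
</samlp:Response>";
        Console.WriteLine(ToHttpStatus(sample));
    }
}
```

When a mapping like this feeds an HTTP response, keep the 401 body generic and log the SAML status codes server-side so the response does not expose IdP detail to the browser.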