ComponentSpace

Forums



Error on SLO logout


Error on SLO logout

Author
Message
andyroz
andyroz
New Member
New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)

Group: Forum Members
Posts: 8, Visits: 44
I am getting this error on logout. My code for SLO is pretty much exactly the code from the examples:

2020-05-29 09:23:15.706 +10:00 [DBG] An SLO message from the partner identity provider http://gas.ccccc.com/adfs/services/trust has been successfully received.
2020-05-29 09:23:15.738 +10:00 [DBG] The SAML authentication handler is receiving a SAML logout message at /Saml/SingleLogoutService.
2020-05-29 09:23:15.741 +10:00 [DBG] The SSO session ID 15eba2af-6397-4e2a-821b-e95f260fefcf has been saved to the saml-session cookie.
2020-05-29 09:23:15.742 +10:00 [DBG] HTTP cookie: saml-session=15eba2af-6397-4e2a-821b-e95f260fefcf; Path=/; SameSite=None; Secure; HttpOnly
2020-05-29 09:23:15.745 +10:00 [DBG] Receiving an SLO message from a partner identity provider.
2020-05-29 09:23:15.746 +10:00 [DBG] SSO session state is being initialized.
2020-05-29 09:23:15.746 +10:00 [DBG] SSO session state for saml-session-15eba2af-6397-4e2a-821b-e95f260fefcf-SamlState is being saved to the distributed cache.
2020-05-29 09:23:15.747 +10:00 [DBG] SAML session state (15eba2af-6397-4e2a-821b-e95f260fefcf):
SP state:

2020-05-29 09:23:15.748 +10:00 [DBG] The HTTP request is unrecognized.
2020-05-29 09:23:15.748 +10:00 [DBG] HTTPS request:
GET /Saml/SingleLogoutService?page=%2Floggedout.html HTTP/2.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en-AU;q=0.7,en;q=0.3
Connection: close
Cookie: _ga=GA1.3.302317254.1552996123; ins_vid=16995c845e1cee54; ins_did=dbf092939609dd23cd7b1a82dbae48305116966921; .AspNet.SharedCookie=CfDJ8DqVv1DWuwJDm0pa7yl-7x0HTmLn66AUHi_AjAdG3K9nec-Bphe5Xo8gyQ5_rOIk8gJ9lraxtcf02ERD2xUXnm-1DeXDg9oKG0Z4m69SsUmArUQOWpGcaev1PaFlQdjAh5aFVd-6KpyJ5uFWRLW2uofQPOK84HQywqgltKlmQ050H2PiQK9q5aLa4jVvNOzL042kS5KMw4zw-Dj18z-f24MkGuPaju3_u3p4SWUEocRZCMP1DLYDRh_aj-iakVnGCo9DOIYyhI0AnpTVPn-dUgEeT_xdLwv11eo2JrGdVuOHDpV_oeCubZxIF6FJDKVf5DI89Wy21mnaUItApb2N3Gr1Pf6z14hxniM7NXh1Tl5Pm_4LZbFliQTkK5nh1WxS8-mdbcdEVD9xXjwUH8eEwTCrvdxvLrnhnqe8LzGAtc3vqpP6MLkvaNHHMVCo1xeTCdoTS2daRZMo6CGSYKM0hMuYYjgMrJ06w3mNhaOsLl6JherFFDcahJk7fNGKptkV5tq3BfcBvYqB_RKXpsaJ071-GUC8t-w4Yn1kweTRwx_HG6YmJNauupW7mROLB6DdTeKTyYlryFnUiUgYsx_AOnQQxbvKRcPOSTq_VadhM7pDZsbBb2THPpk-IOBlz-ZKA9N5vRKgZk_zaChFPeU_lYKm9I9N_9EQnBKZXF4L5nAvy8tmhlEFvz2WyDxVypdaY6PmkkD_rJgxnODQLG7cBcDAujQyEjdyyoItGF-hambZO53qVIWzTT7Iulz0p_9y2xRbIj_GtsS1Jz2nDfhpUW6PE68zq8pemVx73fB9N8gr0BtIe8ZGtYwRhYB_hou1ug3Eoq-zGVdP2Xkxn80wSAinmgEcYLKPc2yfxpoWj8QzBomBLn2bxd1DHQxLUnZD9X5QHcI0RZjB3bTB-wdk0
Host: xxxx.ccccc.com.au
Referer: https://gas.cccc.com/adfs/ls/?SAMLRequest=nZFda4MwFIb%2FiuQ%2BNUbrR6hCmWMI%2FRiz28VuShpjV9DE5UToz5%2FWFroNdrFwrg7nefImZwG8bTq20kfd2xf5UuwTpGnaF9HVBDfD7EIRIUDL5A4TmKB5%2BEhCb1DRSgRyHmTBk5apYjOCHIKgF4WCixXdmgNI5jMMY131GdDecE7cvLhhpPi9kJ9WNsBc90jh1krqpnQrcurGtwGXORstN2qrVnWVppfunDSndtGAbu8IkW9UUxzOAFTvJXArGDlcr1iQzjWGW210A3KFuM0u2Q1d3z6J84BpBlDo2z9kC9fH7fPZbl7Wrh3sqt5M8BF%2Fh8zJeMJydU6iSZrx0oJ41cXqpLnbB%2FRKOY1jXEtPYoD34swDwMfy6SKDp5IhBfUk%2BYHeWt%2BW3n2BQ%3D%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256&Signature=Q9XPp%2BixWdaPn6wW4xl0h4TULZdkeSN23ElGEYuGS93FmvONDKZ6yXWtpJnjBQTm5J6O7c5ua1wfady6XAgQVgjrmHyq%2FCe1thrZn5ekWBNF4khRKXyf9IwDk0hCfjAwT%2F5AXwDoymwsV9YgmWzHadW5EbgBH5U5FKScx35vTQ%3D
Te: trailers
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:68.0) Gecko/20100101 Firefox/68.0
upgrade-insecure-requests: 1
2020-05-29 09:23:15.749 +10:00 [ERR] Receiving an SLO message from a partner identity provider has failed.
ComponentSpace.Saml2.Exceptions.SamlBindingException: A SAML message cannot be received as the HTTP request is unrecognized.
 at ComponentSpace.Saml2.SamlProvider.ReceiveMessageAsync()
 at ComponentSpace.Saml2.SamlServiceProvider.ReceiveSloAsync()
2020-05-29 09:23:15.761 +10:00 [DBG] An exception has been caught by the SAML authentication handler.
ComponentSpace.Saml2.Exceptions.SamlBindingException: A SAML message cannot be received as the HTTP request is unrecognized.
 at ComponentSpace.Saml2.SamlProvider.ReceiveMessageAsync()
 at ComponentSpace.Saml2.SamlServiceProvider.ReceiveSloAsync()
 at ComponentSpace.Saml2.Authentication.SamlAuthenticationHandler.HandleSloAsync()
 at ComponentSpace.Saml2.Authentication.SamlAuthenticationHandler.HandleRequestAsync()


What would cause this?

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
ADFS sends the SAML logout request encoded as a SAMLRequest query string parameter. This parameter is missing so we throw the exception you're seeing.

Either the wrong single logout service URL has been configured in ADFS or something is stripping the SAMLRequest query string parameter.

I suggest using the browser developer tools (F12) to capture the network traffic. You should see a SAMLRequest being sent to your SP by ADFS. Hopefully the trace will help determine what's going wrong after that.

If there's still an issue, please save the captured network traffic and send the HAR file to [email protected] mentioning your forum post. 

Regards
ComponentSpace Development
andyroz
andyroz
New Member
New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)New Member (16 reputation)

Group: Forum Members
Posts: 8, Visits: 44
ComponentSpace - 5/28/2020
ADFS sends the SAML logout request encoded as a SAMLRequest query string parameter. This parameter is missing so we throw the exception you're seeing.

Either the wrong single logout service URL has been configured in ADFS or something is stripping the SAMLRequest query string parameter.

I suggest using the browser developer tools (F12) to capture the network traffic. You should see a SAMLRequest being sent to your SP by ADFS. Hopefully the trace will help determine what's going wrong after that.

If there's still an issue, please save the captured network traffic and send the HAR file to [email protected] mentioning your forum post. 

Thanks for the quick response! I'll look into that.

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
You're welcome.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search