Hi,
I have used the example of the ExampleServiceProvider in one of our web applications. The IDP is PingOne and I have successfully initiated the SSO to the partner identity provider but I am not directed to the Pingone site for SSO. Not sure why its not working. Please help.
aspx.page: Begin PreInit
aspx.page: End PreInit
aspx.page: Begin Init
aspx.page: End Init
aspx.page: Begin InitComplete
aspx.page: End InitComplete
aspx.page: Begin PreLoad
aspx.page: End PreLoad
aspx.page: Begin Load
aspx.page: End Load
aspx.page: Begin LoadComplete
aspx.page: End LoadComplete
aspx.page: Begin PreRender
aspx.page: End PreRender
aspx.page: Begin PreRenderComplete
aspx.page: End PreRenderComplete
aspx.page: Begin SaveState
aspx.page: End SaveState
aspx.page: Begin SaveStateComplete
aspx.page: End SaveStateComplete
aspx.page: Begin Render
aspx.page: End Render
2740/9: 03/09/2019 09:50:35: ComponentSpace.SAML2, Version=3.4.0.0, Culture=neutral, PublicKeyToken=16647a1283418145, .NET v4.0 build, Evaluation.
2740/9: 03/09/2019 09:50:35: CLR: 4.0.30319.42000, OS: Microsoft Windows NT 6.1.7601 Service Pack 1, Account: madhu-PC\madhu, Culture: English (United Kingdom)
2740/9: 03/09/2019 09:50:35: Initializing the SAML environment.
2740/9: 03/09/2019 09:50:35: Loading the SAML configuration file E:\Projects\MailTrack\MailTrack Updated 30082019\MailTrack\WebApplication\saml.config.
2740/9: 03/09/2019 09:50:35: SAML configuration:
<?xml version="1.0"?>
<SAMLConfiguration xmlns="urn:componentspace:SAML:2.0:configuration">
<ServiceProvider Name="
https://ExampleServiceProvider" Description="Example Service Provider"
AssertionConsumerServiceUrl="~/SAML/AssertionConsumerService.aspx"
LocalCertificateFile="Certificates\sp.pfx"
LocalCertificatePassword="********"/>
<PartnerIdentityProviders>
<!-- Web forms example -->
<PartnerIdentityProvider Name="
https://ExampleIdentityProvider" Description="Example Identity Provider"
SignAuthnRequest="true"
SingleSignOnServiceUrl="
https://localhost:44390/SAML/SSOService.aspx" SingleLogoutServiceUrl="
https://localhost:44390/SAML/SLOService.aspx" PartnerCertificateFile="Certificates\idp.cer"/>
<!-- MVC example -->
<PartnerIdentityProvider Name="
https://MvcExampleIdentityProvider" Description="MVC Example Identity Provider"
SignAuthnRequest="true"
SingleSignOnServiceUrl="
https://localhost:44363/SAML/SingleSignOnService" SingleLogoutServiceUrl="
https://localhost:44363/SAML/SingleLogoutService" PartnerCertificateFile="Certificates\idp.cer"/>
<!-- ADFS -->
<PartnerIdentityProvider Name="
http://adfs.test/adfs/services/trust" Description="ADFS"
SignAuthnRequest="true"
SignLogoutRequest="true"
SignLogoutResponse="true"
WantAssertionEncrypted="true"
WantLogoutResponseSigned="true"
SingleSignOnServiceUrl="
https://adfs.test/adfs/ls/" SingleLogoutServiceUrl="
https://adfs.test/adfs/ls/" PartnerCertificateFile="Certificates\adfs.cer"/>
<!-- Azure AD -->
<PartnerIdentityProvider Name="
https://sts.windows.net/f2f933ec-d7c9-433f-8926-d3a0732a7dcf/" Description="Azure AD"
SignLogoutRequest="true"
WantLogoutResponseSigned="true"
SingleSignOnServiceUrl="
https://login.microsoftonline.com/f2f933ec-d7c9-433f-8926-d3a0732a7dcf/saml2" SingleLogoutServiceUrl="
https://login.microsoftonline.com/f2f933ec-d7c9-433f-8926-d3a0732a7dcf/saml2" PartnerCertificateFile="Certificates\azure.cer"/>
<!-- Okta -->
<PartnerIdentityProvider Name="
http://www.okta.com/exk89rwwiahjnDQiv0h7" Description="Okta"
SignAuthnRequest="true"
SignLogoutRequest="true"
SignLogoutResponse="true"
WantLogoutRequestSigned="true"
WantLogoutResponseSigned="true"
SingleSignOnServiceUrl="
https://componentspace.oktapreview.com/app/componentspacedev527539_exampleserviceprovider_3/exk89rwwiahjnDQiv0h7/sso/saml" SingleLogoutServiceUrl="
https://componentspace.oktapreview.com/app/componentspacedev527539_exampleserviceprovider_3/exk89rwwiahjnDQiv0h7/slo/saml" PartnerCertificateFile="Certificates\okta.cer"/>
<!-- Google -->
<PartnerIdentityProvider Name="
https://accounts.google.com/o/saml2?idpid=C03kl4l11" Description="Google"
SingleSignOnServiceUrl="
https://accounts.google.com/o/saml2/idp?idpid=C03kl4l11" PartnerCertificateFile="Certificates\google.cer"/>
<!-- Salesforce -->
<PartnerIdentityProvider Name="
https://componentspace-dev-ed.my.salesforce.com" Description="Salesforce"
SingleSignOnServiceUrl="
https://componentspace-dev-ed.my.salesforce.com/idp/endpoint/HttpRedirect" PartnerCertificateFile="Certificates\salesforce.cer"/>
<!-- Shibboleth -->
<PartnerIdentityProvider Name="
https://samltest.id/saml/idp" Description="Shibboleth"
SignLogoutRequest="true"
SignLogoutResponse="true"
SingleSignOnServiceUrl="
https://samltest.id/idp/profile/SAML2/Redirect/SSO" SingleLogoutServiceUrl="
https://samltest.id/idp/profile/SAML2/Redirect/SLO" PartnerCertificateFile="Certificates\shibboleth1.cer"
SecondaryPartnerCertificateFile="Certificates\shibboleth2.cer"/>
<!-- WSO2 Identity Server -->
<PartnerIdentityProvider Name="localhost"
Description="WSO2 Identity Server"
SingleSignOnServiceUrl="
https://localhost:9443/samlsso" SingleLogoutServiceUrl="
https://localhost:9443/samlsso" PartnerCertificateFile="Certificates\wso2.cer"/>
<!-- OneLogin -->
<PartnerIdentityProvider Name="
https://app.onelogin.com/saml/metadata/589361" Description="OneLogin"
SingleSignOnServiceUrl="
https://componentspacetest-dev.onelogin.com/trust/saml2/http-redirect/sso/589361" SingleLogoutServiceUrl="
https://componentspacetest-dev.onelogin.com/trust/saml2/http-redirect/slo/589361" PartnerCertificateFile="Certificates\onelogin.cer"/>
<!-- PingOne -->
<PartnerIdentityProvider Name="
https://pingone.com/idp/intandemsolutions" Description="PingOne"
SingleSignOnServiceUrl="
https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=d044d123-a9cf-469a-847b-cdd340ee1c16" SingleLogoutServiceUrl="
https://sso.connect.pingidentity.com/sso/SLO.saml2" PartnerCertificateFile="Certificates\idp-signing.crt"/>
<!-- Bitium -->
<PartnerIdentityProvider Name="
https://www.bitium.com/componentspace.com" Description="Bitium"
SignAuthnRequest="true"
SingleSignOnServiceUrl="
https://www.bitium.com/componentspace.com/saml/83926/auth" PartnerCertificateFile="Certificates\bitium.cer"/>
<!-- Centrify -->
<PartnerIdentityProvider Name="
https://aam0904.my.centrify.com/48df688f-4247-424b-b393-3f55025b5a60" Description="Centrify"
SingleSignOnServiceUrl="
https://aam0904.my.centrify.com/applogin/appKey/48df688f-4247-424b-b393-3f55025b5a60/customerId/AAM0904" PartnerCertificateFile="Certificates\centrify.cer"/>
</PartnerIdentityProviders>
</SAMLConfiguration>
2740/9: 03/09/2019 09:50:35: The SAML configuration file has been successfully loaded.
2740/9: 03/09/2019 09:50:35: SAML configuration changes in the directory E:\Projects\MailTrack\MailTrack Updated 30082019\MailTrack\WebApplication are being monitored.
2740/9: 03/09/2019 09:50:35: The SAML environment has been successfuly initialized.
2740/9: 03/09/2019 09:50:35: The SAML_SessionId cookie with value 0119c3f0-1f58-4318-bc71-eb3d22315a95 has been set.
2740/9: 03/09/2019 09:50:35: Initiating SSO to the partner identity provider
https://pingone.com/idp/intandemsolutions.2740/9: 03/09/2019 09:50:35: Service provider session (0119c3f0-1f58-4318-bc71-eb3d22315a95) state:
2740/9: 03/09/2019 09:50:35: Sending request over HTTP Redirect, baseURL=
https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=d044d123-a9cf-469a-847b-cdd340ee1c16, samlMessage=<samlp:AuthnRequest ID="_30b747bc-ddc4-4ba5-8915-74e496d5ac04" Version="2.0" IssueInstant="2019-09-03T08:50:35.435Z" Destination="
https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=d044d123-a9cf-469a-847b-cdd340ee1c16" ForceAuthn="false" IsPassive="false" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="
https://localhost:44338/SAML/AssertionConsumerService.aspx" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"><saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
https://ExampleServiceProvider</saml:Issuer><samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" AllowCreate="true" /></samlp:AuthnRequest>, relayState=
2740/9: 03/09/2019 09:50:35: Creating HTTP redirect query string.
2740/9: 03/09/2019 09:50:35: Encoding SAML message: <samlp:AuthnRequest ID="_30b747bc-ddc4-4ba5-8915-74e496d5ac04" Version="2.0" IssueInstant="2019-09-03T08:50:35.435Z" Destination="
https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=d044d123-a9cf-469a-847b-cdd340ee1c16" ForceAuthn="false" IsPassive="false" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="
https://localhost:44338/SAML/AssertionConsumerService.aspx" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"><saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
https://ExampleServiceProvider</saml:Issuer><samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" AllowCreate="true" /></samlp:AuthnRequest>
2740/9: 03/09/2019 09:50:35: Encoded SAML message: fVLLbtswEPwVgXfqYVG2RVgu3LhFDaSNEDk59FLQ5LomIJEql3Kdvy8lJ216SABeONzdmdnhCkXX9nwz+JO5h18DoI9224r8yNPDgi0OkiolGWUHUdBlmRV0wYCVc1UImTISPYJDbU1FZnFKoh3iADuDXhgfoDQraRpOvk+XvEh5XsQsL76TaBtYtBF+6jx53yNPEkQbS2sMSB/32vzUCozX/imA3fiYaNUnTXMXj4pnH8JNq0qljKlsllNRyiNl81LQZVBNpVI5SwEymc1J9Nk6CZPFihxFizBKrQWiPsNfpHbWW2nbj9qoQF+RwRluBWrkRnSA3EvebL7e8mCVH65FyL/s9zWt75o9iTaI4EZPN9bg0IFrwJ21hIf7238uWytFe7LoOWN5vkzGiclbnbHA/kKiS9ca5FNQ76vqny2Q9Wqs5lMe7lX/++3iRQZZv8j9dBFd38KznrCic4jFrZJX469cPf8W5u22tW21fBo33gn/Nl0WZxOiFT1OpXww2IPURw0qrLJt7e8bB8KHfLwbQjzJ+sr6/19d/wE=
2740/9: 03/09/2019 09:50:35: Query string: SAMLRequest=fVLLbtswEPwVgXfqYVG2RVgu3LhFDaSNEDk59FLQ5LomIJEql3Kdvy8lJ216SABeONzdmdnhCkXX9nwz%2BJO5h18DoI9224r8yNPDgi0OkiolGWUHUdBlmRV0wYCVc1UImTISPYJDbU1FZnFKoh3iADuDXhgfoDQraRpOvk%2BXvEh5XsQsL76TaBtYtBF%2B6jx53yNPEkQbS2sMSB%2F32vzUCozX%2FimA3fiYaNUnTXMXj4pnH8JNq0qljKlsllNRyiNl81LQZVBNpVI5SwEymc1J9Nk6CZPFihxFizBKrQWiPsNfpHbWW2nbj9qoQF%2BRwRluBWrkRnSA3EvebL7e8mCVH65FyL%2Fs9zWt75o9iTaI4EZPN9bg0IFrwJ21hIf7238uWytFe7LoOWN5vkzGiclbnbHA%2FkKiS9ca5FNQ76vqny2Q9Wqs5lMe7lX%2F%2B%2B3iRQZZv8j9dBFd38KznrCic4jFrZJX469cPf8W5u22tW21fBo33gn%2FNl0WZxOiFT1OpXww2IPURw0qrLJt7e8bB8KHfLwbQjzJ%2Bsr6%2F19d%2FwE%3D
2740/9: 03/09/2019 09:50:35: Redirect URL:
https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=d044d123-a9cf-469a-847b-cdd340ee1c16&SAMLRequest=fVLLbtswEPwVgXfqYVG2RVgu3LhFDaSNEDk59FLQ5LomIJEql3Kdvy8lJ216SABeONzdmdnhCkXX9nwz%2BJO5h18DoI9224r8yNPDgi0OkiolGWUHUdBlmRV0wYCVc1UImTISPYJDbU1FZnFKoh3iADuDXhgfoDQraRpOvk%2BXvEh5XsQsL76TaBtYtBF%2B6jx53yNPEkQbS2sMSB%2F32vzUCozX%2FimA3fiYaNUnTXMXj4pnH8JNq0qljKlsllNRyiNl81LQZVBNpVI5SwEymc1J9Nk6CZPFihxFizBKrQWiPsNfpHbWW2nbj9qoQF%2BRwRluBWrkRnSA3EvebL7e8mCVH65FyL%2Fs9zWt75o9iTaI4EZPN9bg0IFrwJ21hIf7238uWytFe7LoOWN5vkzGiclbnbHA%2FkKiS9ca5FNQ76vqny2Q9Wqs5lMe7lX%2F%2B%2B3iRQZZv8j9dBFd38KznrCic4jFrZJX469cPf8W5u22tW21fBo33gn%2FNl0WZxOiFT1OpXww2IPURw0qrLJt7e8bB8KHfLwbQjzJ%2Bsr6%2F19d%2FwE%3D2740/9: 03/09/2019 09:50:35: Redirecting to:
https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=d044d123-a9cf-469a-847b-cdd340ee1c16&SAMLRequest=fVLLbtswEPwVgXfqYVG2RVgu3LhFDaSNEDk59FLQ5LomIJEql3Kdvy8lJ216SABeONzdmdnhCkXX9nwz%2BJO5h18DoI9224r8yNPDgi0OkiolGWUHUdBlmRV0wYCVc1UImTISPYJDbU1FZnFKoh3iADuDXhgfoDQraRpOvk%2BXvEh5XsQsL76TaBtYtBF%2B6jx53yNPEkQbS2sMSB%2F32vzUCozX%2FimA3fiYaNUnTXMXj4pnH8JNq0qljKlsllNRyiNl81LQZVBNpVI5SwEymc1J9Nk6CZPFihxFizBKrQWiPsNfpHbWW2nbj9qoQF%2BRwRluBWrkRnSA3EvebL7e8mCVH65FyL%2Fs9zWt75o9iTaI4EZPN9bg0IFrwJ21hIf7238uWytFe7LoOWN5vkzGiclbnbHA%2FkKiS9ca5FNQ76vqny2Q9Wqs5lMe7lX%2F%2B%2B3iRQZZv8j9dBFd38KznrCic4jFrZJX469cPf8W5u22tW21fBo33gn%2FNl0WZxOiFT1OpXww2IPURw0qrLJt7e8bB8KHfLwbQjzJ%2Bsr6%2F19d%2FwE%3D2740/9: 03/09/2019 09:50:35: Request sent over HTTP Redirect.
2740/9: 03/09/2019 09:50:35: SAML message sent: partner=
https://pingone.com/idp/intandemsolutions, message=<samlp:AuthnRequest ID="_30b747bc-ddc4-4ba5-8915-74e496d5ac04" Version="2.0" IssueInstant="2019-09-03T08:50:35.435Z" Destination="
https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=d044d123-a9cf-469a-847b-cdd340ee1c16" ForceAuthn="false" IsPassive="false" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="
https://localhost:44338/SAML/AssertionConsumerService.aspx" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"><saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
https://ExampleServiceProvider</saml:Issuer><samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" AllowCreate="true" /></samlp:AuthnRequest>, relay state=, destination URL=
https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=d044d123-a9cf-469a-847b-cdd340ee1c162740/9: 03/09/2019 09:50:35: The SAML_SessionId cookie with value b1419e4e-14d3-4cfb-a721-b5766ba1a5e1 has been set.
2740/9: 03/09/2019 09:50:35: Service provider session (b1419e4e-14d3-4cfb-a721-b5766ba1a5e1) state:
Pending response state:
Action: ReceiveSamlResponse
Partner name:
https://pingone.com/idp/intandemsolutionsRelay state:
In response to: _30b747bc-ddc4-4ba5-8915-74e496d5ac04
2740/9: 03/09/2019 09:50:35: Initiation of SSO to the partner identity provider
https://pingone.com/idp/intandemsolutions has completed successfully.