ComponentSpace

Forums



Getting after redirecting to Assertion Service


Getting after redirecting to Assertion Service

Author
Message
thinktime
thinktime
New Member
New Member (29 reputation)New Member (29 reputation)New Member (29 reputation)New Member (29 reputation)New Member (29 reputation)New Member (29 reputation)New Member (29 reputation)New Member (29 reputation)New Member (29 reputation)

Group: Forum Members
Posts: 27, Visits: 144
i have the issue with login 'An SP-initiated SAML response from http://www.okta.com/exk63omfn84Ir4LPV0h7 was received unexpectedly.'

And I can't find the reason why it happens.

It can't be HTTPS as a reason (tested under HTTP and HTTPS - no difference here), because implemented RedisSsoSessionStore and RedisIdCache.

Attached log.
Attachments
RedisSsoSessionStore.txt (1 view, 1.00 KB)
RedisIdCache.txt (1 view, 1.00 KB)
2021-10-20.log (1 view, 67.00 KB)
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
We use a SAML_SessionId cookie to maintain SAML session state in support of the SAML protocol.

This cookie isn't being sent by the browser along with the HTTP Post of the SAML response. This leads to the exception you're seeing.

Please take a look at the following article which talks about the <httpCookies> setting in web.config.

https://www.componentspace.com/Forums/10843/Ramifications-of-setting-httpCookies-sameSite-in-webconfig

If there's still an issue, please use Chrome's browser developer tools (F12) to capture the network traffic.

Check the “show filtered out request cookies” flag and hover over the icon to get a reason for the browser not sending the cookie.

https://www.componentspace.com/Forums/11875/Troubleshooting-Missing-Cookies





Regards
ComponentSpace Development
thinktime
thinktime
New Member
New Member (29 reputation)New Member (29 reputation)New Member (29 reputation)New Member (29 reputation)New Member (29 reputation)New Member (29 reputation)New Member (29 reputation)New Member (29 reputation)New Member (29 reputation)

Group: Forum Members
Posts: 27, Visits: 144
i mentioned in prev post, that was implemented RedisSession storage. there are no SAML_SessionId cookie, As sessionId stored in Redis, not cookies.

httpCookies setting is not specified and adding it doesn't change any. 

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
The session information isn't stored in the cookie. Instead, the cookie value is an index into the Redis session store. If there's no cookie, we don't know which session information to retrieve from the Redis session store.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search