ComponentSpace

Forums



Multi tenant configuration


Multi tenant configuration

Author
Message
Vlad
Vlad
New Member
New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)New Member (6 reputation)

Group: Forum Members
Posts: 3, Visits: 49
I have implemented custom AbstractSAMLConfigurationResolver.
It use SP initiated login.
On initiate SSO I set SAMLController.ConfigurationID = configurationID and custom resolver can get configuration from DB.
At AssertionConsumerService I do not have any configuration ID at all, so custom resolver can not find right configuration.
Are configuration ID saved at cookies at intiate SSO step ?
What I'm missed ? 

Thanks for advaise


ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Our recommendation is to set the SAMLController.ConfigurationID property prior to each SAML SSO/SLO API call.

However, we do store the configuration ID in the SAML session state which is identified by the SAML_SessionId cookie. If you're not seeing the configuration ID at your assertion consumer service, it might be that the cookie isn't being returned by the browser.

The  SAML_SessionId cookie is marked as secure so ensure the assertion consumer service endpoint is accessed over HTTPS.

Also, check the SameSite cookie mode configured for your application.

https://www.componentspace.com/Forums/10843/Ramifications-of-setting-httpCookies-sameSite-in-webconfig

If there's still an issue, please enable SAML trace and send the generated log file as an email attachment to [email protected] mentioning your forum post.

https://www.componentspace.com/Forums/17/Enabing-SAML-Trace


Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 1 query. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search