ComponentSpace

Forums



SSO to Office365 fails


SSO to Office365 fails

Author
Message
raju
raju
New Member
New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)

Group: Awaiting Activation
Posts: 15, Visits: 60
Hi
  We started seeing some new issue, wherein SSO to Office365 doesn't work any more. On Windows, we use chrome.
  When our IdP formulates the SAML response, browser displays the HTML page ( with encoded SAML response) , while I expect the Office365 page signed in for user.

  I enabled the SAML trace as per the component space, but no logs in the log file as this problem happens.
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Any ideas what changed?

Does this happen just with Chrome or with other browsers as well?

What's the URL in the address bar when the HTML is displayed? Is this still in your IdP site?

I'm not sure why logging wouldn't be working. Please double check the settings.

https://www.componentspace.com/forums/7936/Enabling-SAML-Trace

You could also capture the network traffic using the browser developer tools to see what's happening.

You're welcome to send the captured network traffic as a HAR file to [email protected] mentioning your forum post and we'll take a look.

Regards
ComponentSpace Development
raju
raju
New Member
New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)

Group: Awaiting Activation
Posts: 15, Visits: 60
ComponentSpace - 2/2/2022
Any ideas what changed?

Does this happen just with Chrome or with other browsers as well?

What's the URL in the address bar when the HTML is displayed? Is this still in your IdP site?

I'm not sure why logging wouldn't be working. Please double check the settings.

https://www.componentspace.com/forums/7936/Enabling-SAML-Trace

You could also capture the network traffic using the browser developer tools to see what's happening.

You're welcome to send the captured network traffic as a HAR file to [email protected] mentioning your forum post and we'll take a look.

Its happening with Chrome and Firefox. This was working until sometime ago, using same browsers;
I think I need a fix from you . It appears latest chrome and FF document loading JS script embedded in is not working:

Please review this ( not working case, not just Office365 , Salesforce as well. The key is that POST bindings for SAMl response is broken):

<html xmlns="http://www.w3.org/1999/xhtml"><body onload="document.forms.samlform.submit()"><noscript><p><strong>Note: </strong>Since your browser does not support JavaScript, you must press the Continue button to proceed.</p></noscript><form id="samlform" action="https://login.microsoftonline.com/login.srf" method="post" target="_self"><div><input type="hidden" name="SAMLResponse" value="PHNhbWxwOlJlc3BvbnNlIElEPSJfNmU2NGI0YWMtYTc5NC00Y2E2LTk5M2EtMzk5YmJlZDI4YTQ3IiBJblJlc3BvbnNlVG89Il8xMzU2ZjIyZi1lMDkyLTQwMzUtOTFiNS02NGU5MDhlZDU3YWUiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDIyLTAyLTA1VDAxOjQ5OjI3WiIgRGVzdGluYXRpb249Imh0dHBzOi8vbG9naW4ubWljcm9zb2Z0b25saW5lLmNvbS9sb2dpbi5zcmYiIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiPjxzYW1sOklzc3VlciB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj5odHRwczovL0tNQXV0aFNhbWxJRFBQcm92aWRlcjwvc2FtbDpJc3N1ZXI+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIiAvPjwvc2FtbHA6U3RhdHVzPjxzYW1sOkFzc2VydGlvbiBWZXJzaW9uPSIyLjAiIElEPSJfYjQ5ZDUxNTQtMmM3MS00NDNhLThmMjMtM2MyNzEzMTc4Y2ZlIiBJc3N1ZUluc3RhbnQ9IjIwMjItMDItMDVUMDE6NDk6MjdaIiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9LTUF1dGhTYW1sSURQUHJvdmlkZXI8L3NhbWw6SXNzdWVyPjxTaWduYXR1cmUgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxTaWduZWRJbmZvPjxDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIiAvPjxTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2IiAvPjxSZWZlcmVuY2UgVVJJPSIjX2I0OWQ1MTU0LTJjNzEtNDQzYS04ZjIzLTNjMjcxMzE3OGNmZSI+PFRyYW5zZm9ybXM+PFRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIiAvPjxUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiPjxJbmNsdXNpdmVOYW1lc3BhY2VzIFByZWZpeExpc3Q9IiNkZWZhdWx0IHNhbWwgZHMgeHMgeHNpIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIiAvPjwvVHJhbnNmb3JtPjwvVHJhbnNmb3Jtcz48RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjc2hhMjU2IiAvPjxEaWdlc3RWYWx1ZT5ENlV3N2RTRTBVMlBFU0I1Vk0reGlwV0pHdWNwemo5Znc4UzVaTFI5d2xJPTwvRGlnZXN0VmFsdWU+PC9SZWZlcmVuY2U+PC9TaWduZWRJbmZvPjxTaWduYXR1cmVWYWx1ZT5FTE1ZdmlWOXl3MjI2bzJuS0hPSUQ2dWtSWGV2QlhBcXh5VkM3NkNjYVFjbFAxVlVwU3dIU05IOEtoNEdaTGVwV3VaR3RBMzMwQ20yczd1U29PQythT21pN1ZMZExzeTJDajBNenZ5bGhJL3ZYNkZkQ1licVZOY3R2YVE5ZjBSWGdhOHJxd1pMdEp3NkFqN2MxbUdLc3lkVGhYWHB5QlNJZkRCUml2ckdPZnNRb24xZndiclhObVljTnRVbmZwdnhBU05sTDY3MEF1WTZpQ3dtMXAyQ3lkUEhlN2hPUjU3MzhxMGl0ZEFMbjE4WnR3SkFiYis5ZnhwNmZjelNtUHdFVG9jOEhTc0RRNjRoZEJmakFkVWswcmJrM3JHbHcvdXhhbmlIMXNMNUsydlJxMENxSGlJOFRwdmhoWlo3Wm5TOHJqMHV3Nlgvd3A4MjlLN3kwdnpiSnc9PTwvU2lnbmF0dXJlVmFsdWU+PEtleUluZm8+PFg1MDlEYXRhPjxYNTA5Q2VydGlmaWNhdGU+TUlJRzl6Q0NCTitnQXdJQkFnSVFUOGtCbmxoVkwwa1hWMUUzdW0yaVV6QU5CZ2txaGtpRzl3MEJBUXdGQURCTE1Rc3dDUVlEVlFRR0V3SkJWREVRTUE0R0ExVUVDaE1IV21WeWIxTlRUREVxTUNnR0ExVUVBeE1oV21WeWIxTlRUQ0JTVTBFZ1JHOXRZV2x1SUZObFkzVnlaU0JUYVhSbElFTkJNQjRYRFRJeU1ERXlPREF3TURBd01Gb1hEVEl6TURFeU9ESXpOVGsxT1Zvd0d6RVpNQmNHQTFVRUF3d1FLaTVyYldGMWRHaDBaWE4wTG1OdmJUQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQUo1b2VmcjgwTkdMNVliaFhUM1RCRWVDc0RsalVWY1FGUFVyTlNEY3AyNXZqNGpmelBPUFdxYmRyYVRWUHVJMGR1UmFXdG9zTmlKRnU1VVEybGFhSG1WbWFUYXNHeW1tQndZNkd5WWJMa0hGMGhIOGFIczJxczg5cUlEaTh2SndVWEhOWXdpNmtLOUEwK28zVEJhWHUxR0RRQ1lhcHBzYTAySnVXYTBCTzhCRjhxT0pTOFczUmI0THNZa0xTRi80L2pxRTR6SzkvUk4wUHl4SEp5aHE5dDdpMXZ6cGVRSVM1MlBFaWhNM3pPT2ZlZm13Ui9UU0lCeSt5NGNOSStFWmxHNG5rZkxabjMyR0tRcVhsY08wU3lxcUdVNEdGclQwZWZOMHVyNkgzNFNuaHI4V2tQV092ekNpNEhGcERpdUxONFlUODl5cy9qSHVCelZ2SEhwNmR6TUNBd0VBQWFPQ0F3VXdnZ01CTUI4R0ExVWRJd1FZTUJhQUZNalplR2lpMlJsbzFUMXkzbDhLUHR5MWhvYW1NQjBHQTFVZERnUVdCQlFwUzUzNFVtVUtCdFB0T3NvMHRDTVViZnVYSFRBT0JnTlZIUThCQWY4RUJBTUNCYUF3REFZRFZSMFRBUUgvQkFJd0FEQWRCZ05WSFNVRUZqQVVCZ2dyQmdFRkJRY0RBUVlJS3dZQkJRVUhBd0l3U1FZRFZSMGdCRUl3UURBMEJnc3JCZ0VFQWJJeEFRSUNUakFsTUNNR0NDc0dBUVVGQndJQkZoZG9kSFJ3Y3pvdkwzTmxZM1JwWjI4dVkyOXRMME5RVXpBSUJnWm5nUXdCQWdFd2dZZ0dDQ3NHQVFVRkJ3RUJCSHd3ZWpCTEJnZ3JCZ0VGQlFjd0FvWS9hSFIwY0RvdkwzcGxjbTl6YzJ3dVkzSjBMbk5sWTNScFoyOHVZMjl0TDFwbGNtOVRVMHhTVTBGRWIyMWhhVzVUWldOMWNtVlRhWFJsUTBFdVkzSjBNQ3NHQ0NzR0FRVUZCekFCaGg5b2RIUndPaTh2ZW1WeWIzTnpiQzV2WTNOd0xuTmxZM1JwWjI4dVkyOXRNQ3NHQTFVZEVRUWtNQ0tDRUNvdWEyMWhkWFJvZEdWemRDNWpiMjJDRG10dFlYVjBhSFJsYzNRdVkyOXRNSUlCZlFZS0t3WUJCQUhXZVFJRUFnU0NBVzBFZ2dGcEFXY0Fkd0N0OTc3NmZQOFF5SXVkUFp3ZVBoaHF0R2NwWGMreERDVEtoWVkwNjl5Q2lnQUFBWDZpVUJsRkFBQUVBd0JJTUVZQ0lRRFVuM2QwTWVYWXF3ZldXb1E0ME5TNHQyUUVZNGlYNjRXYkF6bVp6ektWOFFJaEFJUXZmTFZseEVRNEQ3eGhDbGp0NlN0UHRCMWpORmh0MXBaUXkrT1F4ZjNCQUhVQWVqS01WTmkzTGJZZzZqamdVaDdwaEJad01oT0ZUVHZTSzhFNlY2TlM2MUlBQUFGK29sQVpCd0FBQkFNQVJqQkVBaUFiVm9ZdEhmSU9uNUtpNVVGK0hLcDFvK3V3OTUvWG0wYTNjQ1BhU0NyZ21RSWdWWW5OcitvU2UvQXU5M2FxQXNmK1N5UkZ0bHFCc2t0Sk9TWjdKUG9UazRFQWRRRG9QdERhUHZVR05UTG5WeWk4aVd2SkE5UEwwUkZyN090cDRYZDliUWE5YmdBQUFYNmlVQmpkQUFBRUF3QkdNRVFDSUFyQkFvenFEa0JDdFdTZzEwS3dOMERqb01haSsxeDJja0diWWU1WUIzSnZBaUJlMTBtSHY1V1pFS3VYM1JvbXB2MExyTnFUSDNPdGhUV3Y4SGZEZkhSb2VqQU5CZ2txaGtpRzl3MEJBUXdGQUFPQ0FnRUFQYXR5L1hDd3orS2V5UVorblhSR08xKzN3YURGZEkzMXZlYzIzRFB6K3RqaGVsS29sWXlnWXg0OGZOM0ozeS92R2t1bi80VG9HZ0Z2aXdwaytnYXNEaGdlWGdqdE1nYk00Um0zdjVTSmJ3NGVmVDlUSk51NW1CTkZJY0NxTFRhRTJGMURjQjhzajJ3NXdaT2N4TkZzdURFYW03UDgvcCtLU1AyZXI5dkpJOVc1VFFsRHREaU5pMGZBcWZzemRPN2tFRHpjUG1EZExaRDRxWkhvYUYvUWl6NjFNMmtJQ080TDl4Y1BpQXdneTFzZ3ppNXBUZEljSTZaRFlxUm5hTW5tcGJkb21XNjQ3blp4YXA4Z0pxcFRLemdiTzIrNmVLVVBNYng3NWZjb2ZYV2IzSjJQaDV4Qk8yV3Y4bnpDOE9IdUhuYXhudHQ0Z24wUm5WTTYrbkJyTnVPaHdETzhHQ2F0N3lGYm5HSTVURlM3emJ5QWU4am5tOUJjRXRFWnJ6djZuU2UvWWpBRWU2SXhXRlQrTU5IMlkyb2hYd1JpdjhWYm5vekxTVjh0VzF2clBqem1NclVFaUpPYlB4MXVaTElITmZaOUFTVzVYV2p0b2wrRE1CYjRYZmFsOGNXaElWQU9VUnM3eEF4NGdmc2lOZlN0ejZDVS9sR3d3cjFoME5vcFFkM2lzMFgzQUJ3cS9mdjJIRFFBeDM2eDM0am5Qd21VL3F1dENzUkxST0htSitYUzExWnFjUDY0WDQxVm96QkNVZXpnNUxVbWNEeUJTdlV5MkhWU3BPa2NNTExsNlFpZHhxYUlTK0dnVncvOWpTR1Z2bWVUVXhnVUVORmtlTWVyb25od2lJVkxhMzRmNU1iSG81YkJTZGRDL1kraVhuN1g3M3NDVlZGSzZqZz08L1g1MDlDZXJ0aWZpY2F0ZT48L1g1MDlEYXRhPjwvS2V5SW5mbz48L1NpZ25hdHVyZT48c2FtbDpTdWJqZWN0PjxzYW1sOk5hbWVJRCBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+dXNlcjFrbWF1dGh0ZXN0PC9zYW1sOk5hbWVJRD48c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyMDIyLTAyLTA1VDAxOjUyOjI3WiIgUmVjaXBpZW50PSJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vbG9naW4uc3JmIiBJblJlc3BvbnNlVG89Il8xMzU2ZjIyZi1lMDkyLTQwMzUtOTFiNS02NGU5MDhlZDU3YWUiIC8+PC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+PC9zYW1sOlN1YmplY3Q+PHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMjItMDItMDVUMDE6NDY6MjdaIiBOb3RPbk9yQWZ0ZXI9IjIwMjItMDItMDVUMDE6NTI6MjdaIj48c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjxzYW1sOkF1ZGllbmNlPnVybjpmZWRlcmF0aW9uOk1pY3Jvc29mdE9ubGluZTwvc2FtbDpBdWRpZW5jZT48L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48L3NhbWw6Q29uZGl0aW9ucz48c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMjItMDItMDVUMDE6NDk6MjdaIiBTZXNzaW9uSW5kZXg9Il9iNDlkNTE1NC0yYzcxLTQ0M2EtOGYyMy0zYzI3MTMxNzhjZmUiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3Nlczp1bnNwZWNpZmllZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIE5hbWU9IklEUEVtYWlsIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiPnVzZXIxQGttYXV0aGdpZC5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pjwvc2FtbDpBc3NlcnRpb24+PC9zYW1scDpSZXNwb25zZT4="/><input type="hidden" name="RelayState" value="estsredirect=2&estsrequest=rQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARSvd-Uhtd4Oy5Yw7WV-fedklmMfNm5iaUlGSWpxSUgRasYlQmbqX-BkfEFI-MtJkH_onTPlPBit9SU1KLEksz8vAssAq9YeAyYrTg4uAQYJBgUGH6wMC5iBVr9YsKln6xhx_zmXMuXCbjhz3CKVd8sMMTJrTjSvDDLJT3VJyrCybzMyKPKNNQyIMfbLFXfvTIsqsK3wNwkscTT1tTKcAKb0AQ2plNsDB_YGDvYGWaxMxzgZDzAy_CDb-_ru59nd_564wEA0"/></div><noscript><div><input type="submit" value="Continue"/></div></noscript></form></body></html> 
raju
raju
New Member
New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)

Group: Awaiting Activation
Posts: 15, Visits: 60
raju - 2/9/2022
ComponentSpace - 2/2/2022
Any ideas what changed?

Does this happen just with Chrome or with other browsers as well?

What's the URL in the address bar when the HTML is displayed? Is this still in your IdP site?

I'm not sure why logging wouldn't be working. Please double check the settings.

https://www.componentspace.com/forums/7936/Enabling-SAML-Trace

You could also capture the network traffic using the browser developer tools to see what's happening.

You're welcome to send the captured network traffic as a HAR file to [email protected] mentioning your forum post and we'll take a look.

Its happening with Chrome and Firefox. This was working until sometime ago, using same browsers;
I think I need a fix from you . It appears latest chrome and FF document loading JS script embedded in is not working:

Please review this ( not working case, not just Office365 , Salesforce as well. The key is that POST bindings for SAMl response is broken):

<html xmlns="http://www.w3.org/1999/xhtml"><body onload="document.forms.samlform.submit()"><noscript><p><strong>Note: </strong>Since your browser does not support JavaScript, you must press the Continue button to proceed.</p></noscript><form id="samlform" action="https://login.microsoftonline.com/login.srf" method="post" target="_self"><div><input type="hidden" name="SAMLResponse" value="PHNhbWxwOlJlc3BvbnNlIElEPSJfNmU2NGI0YWMtYTc5NC00Y2E2LTk5M2EtMzk5YmJlZDI4YTQ3IiBJblJlc3BvbnNlVG89Il8xMzU2ZjIyZi1lMDkyLTQwMzUtOTFiNS02NGU5MDhlZDU3YWUiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDIyLTAyLTA1VDAxOjQ5OjI3WiIgRGVzdGluYXRpb249Imh0dHBzOi8vbG9naW4ubWljcm9zb2Z0b25saW5lLmNvbS9sb2dpbi5zcmYiIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiPjxzYW1sOklzc3VlciB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj5odHRwczovL0tNQXV0aFNhbWxJRFBQcm92aWRlcjwvc2FtbDpJc3N1ZXI+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIiAvPjwvc2FtbHA6U3RhdHVzPjxzYW1sOkFzc2VydGlvbiBWZXJzaW9uPSIyLjAiIElEPSJfYjQ5ZDUxNTQtMmM3MS00NDNhLThmMjMtM2MyNzEzMTc4Y2ZlIiBJc3N1ZUluc3RhbnQ9IjIwMjItMDItMDVUMDE6NDk6MjdaIiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj48c2FtbDpJc3N1ZXI+aHR0cHM6Ly9LTUF1dGhTYW1sSURQUHJvdmlkZXI8L3NhbWw6SXNzdWVyPjxTaWduYXR1cmUgeG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxTaWduZWRJbmZvPjxDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIiAvPjxTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzA0L3htbGRzaWctbW9yZSNyc2Etc2hhMjU2IiAvPjxSZWZlcmVuY2UgVVJJPSIjX2I0OWQ1MTU0LTJjNzEtNDQzYS04ZjIzLTNjMjcxMzE3OGNmZSI+PFRyYW5zZm9ybXM+PFRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIiAvPjxUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiPjxJbmNsdXNpdmVOYW1lc3BhY2VzIFByZWZpeExpc3Q9IiNkZWZhdWx0IHNhbWwgZHMgeHMgeHNpIiB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIiAvPjwvVHJhbnNmb3JtPjwvVHJhbnNmb3Jtcz48RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjc2hhMjU2IiAvPjxEaWdlc3RWYWx1ZT5ENlV3N2RTRTBVMlBFU0I1Vk0reGlwV0pHdWNwemo5Znc4UzVaTFI5d2xJPTwvRGlnZXN0VmFsdWU+PC9SZWZlcmVuY2U+PC9TaWduZWRJbmZvPjxTaWduYXR1cmVWYWx1ZT5FTE1ZdmlWOXl3MjI2bzJuS0hPSUQ2dWtSWGV2QlhBcXh5VkM3NkNjYVFjbFAxVlVwU3dIU05IOEtoNEdaTGVwV3VaR3RBMzMwQ20yczd1U29PQythT21pN1ZMZExzeTJDajBNenZ5bGhJL3ZYNkZkQ1licVZOY3R2YVE5ZjBSWGdhOHJxd1pMdEp3NkFqN2MxbUdLc3lkVGhYWHB5QlNJZkRCUml2ckdPZnNRb24xZndiclhObVljTnRVbmZwdnhBU05sTDY3MEF1WTZpQ3dtMXAyQ3lkUEhlN2hPUjU3MzhxMGl0ZEFMbjE4WnR3SkFiYis5ZnhwNmZjelNtUHdFVG9jOEhTc0RRNjRoZEJmakFkVWswcmJrM3JHbHcvdXhhbmlIMXNMNUsydlJxMENxSGlJOFRwdmhoWlo3Wm5TOHJqMHV3Nlgvd3A4MjlLN3kwdnpiSnc9PTwvU2lnbmF0dXJlVmFsdWU+PEtleUluZm8+PFg1MDlEYXRhPjxYNTA5Q2VydGlmaWNhdGU+TUlJRzl6Q0NCTitnQXdJQkFnSVFUOGtCbmxoVkwwa1hWMUUzdW0yaVV6QU5CZ2txaGtpRzl3MEJBUXdGQURCTE1Rc3dDUVlEVlFRR0V3SkJWREVRTUE0R0ExVUVDaE1IV21WeWIxTlRUREVxTUNnR0ExVUVBeE1oV21WeWIxTlRUQ0JTVTBFZ1JHOXRZV2x1SUZObFkzVnlaU0JUYVhSbElFTkJNQjRYRFRJeU1ERXlPREF3TURBd01Gb1hEVEl6TURFeU9ESXpOVGsxT1Zvd0d6RVpNQmNHQTFVRUF3d1FLaTVyYldGMWRHaDBaWE4wTG1OdmJUQ0NBU0l3RFFZSktvWklodmNOQVFFQkJRQURnZ0VQQURDQ0FRb0NnZ0VCQUo1b2VmcjgwTkdMNVliaFhUM1RCRWVDc0RsalVWY1FGUFVyTlNEY3AyNXZqNGpmelBPUFdxYmRyYVRWUHVJMGR1UmFXdG9zTmlKRnU1VVEybGFhSG1WbWFUYXNHeW1tQndZNkd5WWJMa0hGMGhIOGFIczJxczg5cUlEaTh2SndVWEhOWXdpNmtLOUEwK28zVEJhWHUxR0RRQ1lhcHBzYTAySnVXYTBCTzhCRjhxT0pTOFczUmI0THNZa0xTRi80L2pxRTR6SzkvUk4wUHl4SEp5aHE5dDdpMXZ6cGVRSVM1MlBFaWhNM3pPT2ZlZm13Ui9UU0lCeSt5NGNOSStFWmxHNG5rZkxabjMyR0tRcVhsY08wU3lxcUdVNEdGclQwZWZOMHVyNkgzNFNuaHI4V2tQV092ekNpNEhGcERpdUxONFlUODl5cy9qSHVCelZ2SEhwNmR6TUNBd0VBQWFPQ0F3VXdnZ01CTUI4R0ExVWRJd1FZTUJhQUZNalplR2lpMlJsbzFUMXkzbDhLUHR5MWhvYW1NQjBHQTFVZERnUVdCQlFwUzUzNFVtVUtCdFB0T3NvMHRDTVViZnVYSFRBT0JnTlZIUThCQWY4RUJBTUNCYUF3REFZRFZSMFRBUUgvQkFJd0FEQWRCZ05WSFNVRUZqQVVCZ2dyQmdFRkJRY0RBUVlJS3dZQkJRVUhBd0l3U1FZRFZSMGdCRUl3UURBMEJnc3JCZ0VFQWJJeEFRSUNUakFsTUNNR0NDc0dBUVVGQndJQkZoZG9kSFJ3Y3pvdkwzTmxZM1JwWjI4dVkyOXRMME5RVXpBSUJnWm5nUXdCQWdFd2dZZ0dDQ3NHQVFVRkJ3RUJCSHd3ZWpCTEJnZ3JCZ0VGQlFjd0FvWS9hSFIwY0RvdkwzcGxjbTl6YzJ3dVkzSjBMbk5sWTNScFoyOHVZMjl0TDFwbGNtOVRVMHhTVTBGRWIyMWhhVzVUWldOMWNtVlRhWFJsUTBFdVkzSjBNQ3NHQ0NzR0FRVUZCekFCaGg5b2RIUndPaTh2ZW1WeWIzTnpiQzV2WTNOd0xuTmxZM1JwWjI4dVkyOXRNQ3NHQTFVZEVRUWtNQ0tDRUNvdWEyMWhkWFJvZEdWemRDNWpiMjJDRG10dFlYVjBhSFJsYzNRdVkyOXRNSUlCZlFZS0t3WUJCQUhXZVFJRUFnU0NBVzBFZ2dGcEFXY0Fkd0N0OTc3NmZQOFF5SXVkUFp3ZVBoaHF0R2NwWGMreERDVEtoWVkwNjl5Q2lnQUFBWDZpVUJsRkFBQUVBd0JJTUVZQ0lRRFVuM2QwTWVYWXF3ZldXb1E0ME5TNHQyUUVZNGlYNjRXYkF6bVp6ektWOFFJaEFJUXZmTFZseEVRNEQ3eGhDbGp0NlN0UHRCMWpORmh0MXBaUXkrT1F4ZjNCQUhVQWVqS01WTmkzTGJZZzZqamdVaDdwaEJad01oT0ZUVHZTSzhFNlY2TlM2MUlBQUFGK29sQVpCd0FBQkFNQVJqQkVBaUFiVm9ZdEhmSU9uNUtpNVVGK0hLcDFvK3V3OTUvWG0wYTNjQ1BhU0NyZ21RSWdWWW5OcitvU2UvQXU5M2FxQXNmK1N5UkZ0bHFCc2t0Sk9TWjdKUG9UazRFQWRRRG9QdERhUHZVR05UTG5WeWk4aVd2SkE5UEwwUkZyN090cDRYZDliUWE5YmdBQUFYNmlVQmpkQUFBRUF3QkdNRVFDSUFyQkFvenFEa0JDdFdTZzEwS3dOMERqb01haSsxeDJja0diWWU1WUIzSnZBaUJlMTBtSHY1V1pFS3VYM1JvbXB2MExyTnFUSDNPdGhUV3Y4SGZEZkhSb2VqQU5CZ2txaGtpRzl3MEJBUXdGQUFPQ0FnRUFQYXR5L1hDd3orS2V5UVorblhSR08xKzN3YURGZEkzMXZlYzIzRFB6K3RqaGVsS29sWXlnWXg0OGZOM0ozeS92R2t1bi80VG9HZ0Z2aXdwaytnYXNEaGdlWGdqdE1nYk00Um0zdjVTSmJ3NGVmVDlUSk51NW1CTkZJY0NxTFRhRTJGMURjQjhzajJ3NXdaT2N4TkZzdURFYW03UDgvcCtLU1AyZXI5dkpJOVc1VFFsRHREaU5pMGZBcWZzemRPN2tFRHpjUG1EZExaRDRxWkhvYUYvUWl6NjFNMmtJQ080TDl4Y1BpQXdneTFzZ3ppNXBUZEljSTZaRFlxUm5hTW5tcGJkb21XNjQ3blp4YXA4Z0pxcFRLemdiTzIrNmVLVVBNYng3NWZjb2ZYV2IzSjJQaDV4Qk8yV3Y4bnpDOE9IdUhuYXhudHQ0Z24wUm5WTTYrbkJyTnVPaHdETzhHQ2F0N3lGYm5HSTVURlM3emJ5QWU4am5tOUJjRXRFWnJ6djZuU2UvWWpBRWU2SXhXRlQrTU5IMlkyb2hYd1JpdjhWYm5vekxTVjh0VzF2clBqem1NclVFaUpPYlB4MXVaTElITmZaOUFTVzVYV2p0b2wrRE1CYjRYZmFsOGNXaElWQU9VUnM3eEF4NGdmc2lOZlN0ejZDVS9sR3d3cjFoME5vcFFkM2lzMFgzQUJ3cS9mdjJIRFFBeDM2eDM0am5Qd21VL3F1dENzUkxST0htSitYUzExWnFjUDY0WDQxVm96QkNVZXpnNUxVbWNEeUJTdlV5MkhWU3BPa2NNTExsNlFpZHhxYUlTK0dnVncvOWpTR1Z2bWVUVXhnVUVORmtlTWVyb25od2lJVkxhMzRmNU1iSG81YkJTZGRDL1kraVhuN1g3M3NDVlZGSzZqZz08L1g1MDlDZXJ0aWZpY2F0ZT48L1g1MDlEYXRhPjwvS2V5SW5mbz48L1NpZ25hdHVyZT48c2FtbDpTdWJqZWN0PjxzYW1sOk5hbWVJRCBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OmVtYWlsQWRkcmVzcyI+dXNlcjFrbWF1dGh0ZXN0PC9zYW1sOk5hbWVJRD48c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgTm90T25PckFmdGVyPSIyMDIyLTAyLTA1VDAxOjUyOjI3WiIgUmVjaXBpZW50PSJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vbG9naW4uc3JmIiBJblJlc3BvbnNlVG89Il8xMzU2ZjIyZi1lMDkyLTQwMzUtOTFiNS02NGU5MDhlZDU3YWUiIC8+PC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+PC9zYW1sOlN1YmplY3Q+PHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMjItMDItMDVUMDE6NDY6MjdaIiBOb3RPbk9yQWZ0ZXI9IjIwMjItMDItMDVUMDE6NTI6MjdaIj48c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjxzYW1sOkF1ZGllbmNlPnVybjpmZWRlcmF0aW9uOk1pY3Jvc29mdE9ubGluZTwvc2FtbDpBdWRpZW5jZT48L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48L3NhbWw6Q29uZGl0aW9ucz48c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMjItMDItMDVUMDE6NDk6MjdaIiBTZXNzaW9uSW5kZXg9Il9iNDlkNTE1NC0yYzcxLTQ0M2EtOGYyMy0zYzI3MTMxNzhjZmUiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3Nlczp1bnNwZWNpZmllZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIE5hbWU9IklEUEVtYWlsIj48c2FtbDpBdHRyaWJ1dGVWYWx1ZSB4c2k6dHlwZT0ieHM6c3RyaW5nIiB4bWxuczp4cz0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEiIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiPnVzZXIxQGttYXV0aGdpZC5jb208L3NhbWw6QXR0cmlidXRlVmFsdWU+PC9zYW1sOkF0dHJpYnV0ZT48L3NhbWw6QXR0cmlidXRlU3RhdGVtZW50Pjwvc2FtbDpBc3NlcnRpb24+PC9zYW1scDpSZXNwb25zZT4="/><input type="hidden" name="RelayState" value="estsredirect=2&estsrequest=rQQIARAA42Kw0skoKSkottLXL8gvKknM0cvNTC7KL85PK8nPy8nMS9VLzs_Vyy9Kz0wBsYqEuARSvd-Uhtd4Oy5Yw7WV-fedklmMfNm5iaUlGSWpxSUgRasYlQmbqX-BkfEFI-MtJkH_onTPlPBit9SU1KLEksz8vAssAq9YeAyYrTg4uAQYJBgUGH6wMC5iBVr9YsKln6xhx_zmXMuXCbjhz3CKVd8sMMTJrTjSvDDLJT3VJyrCybzMyKPKNNQyIMfbLFXfvTIsqsK3wNwkscTT1tTKcAKb0AQ2plNsDB_YGDvYGWaxMxzgZDzAy_CDb-_ru59nd_564wEA0"/></div><noscript><div><input type="submit" value="Continue"/></div></noscript></form></body></html> 

The same html content , when I explicitly load it as a file ( click on the html file that contains above text) it works. But not as part part SAMl flow ( automatic POST submission is failing). Please advise what we need to fix on server side. We use .net core
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
We haven't seen or heard of any issues using earlier or the latest releases of Chrome and Firefox.

Can you reproduce the issue using the ExampleIdentityProvider and ExampleServiceProvider projects we ship?

Please capture the network traffic using the browser developer tools and send the captured network traffic as a HAR file to [email protected] mentioning your forum post and we'll take a look.



Regards
ComponentSpace Development
raju
raju
New Member
New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)

Group: Awaiting Activation
Posts: 15, Visits: 60
ComponentSpace - 2/9/2022
We haven't seen or heard of any issues using earlier or the latest releases of Chrome and Firefox.

Can you reproduce the issue using the ExampleIdentityProvider and ExampleServiceProvider projects we ship?

Please capture the network traffic using the browser developer tools and send the captured network traffic as a HAR file to [email protected] mentioning your forum post and we'll take a look.


Running the test with Examples you mentioned does not help, as that will work as I operate on browser explicitly.
Our client application is .Net based app that launches the browser programmatically and the browser is on its onw doing SAML flow.
I need to ensure our application works, not validating the example programs which I am sure will work.
JS loading timings are little weird. if you see my content above, I think currently componentspace I am using is using the JS in that html form use .load() function. May be by the time html form was received on browser, its too late and the .load isnt firing.
I see that your guides and other discussions on this to use other varient of JS:

===
<script>
function submitForm() {
document.forms.samlform.submit();
}
if (document.readyState === ""loading"") {
document.addEventListener(""DOMContentLoaded"", submitForm);
} else {
submitForm();
}
</script>

==


If I have to experiment the above JS, where exactly I can change the code ( or html form) on server ( that uses your compspace IdP) ?
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
The reason I asked about the examples was to try to narrow down the scope of the issue and see if there's possibly a way for us to reproduce the issue here.

Originally I thought you meant the issue resulted from using the latest browser versions.

Now it sounds like you suspect it's related to the fact the browser is invoked programmatically.

What version of the product are you using?

In version 3.4.0, we added better support for Content-Security-Policy headers for JavaScript. This meant changes to the HTML template and JavaScript used as part of the HTTP POST binding support.

You can change the HTML template using the HttpPostFormOptions as described in the Developer Guide which you'll find in the documentation folder.



Regards
ComponentSpace Development
raju
raju
New Member
New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)New Member (22 reputation)

Group: Awaiting Activation
Posts: 15, Visits: 60
ComponentSpace - 2/10/2022
The reason I asked about the examples was to try to narrow down the scope of the issue and see if there's possibly a way for us to reproduce the issue here.

Originally I thought you meant the issue resulted from using the latest browser versions.

Now it sounds like you suspect it's related to the fact the browser is invoked programmatically.

What version of the product are you using?

In version 3.4.0, we added better support for Content-Security-Policy headers for JavaScript. This meant changes to the HTML template and JavaScript used as part of the HTTP POST binding support.

You can change the HTML template using the HttpPostFormOptions as described in the Developer Guide which you'll find in the documentation folder.


Thank you.
We are using v2.0.6. We don't want to upgrade our compspace now. Can I change (override) the HTML template programmatically on 2.0.6. The HTML template form used in 2.0.6 is too obtrusive ( with a naked HTML onload, with no java script). So this is more of a bug. Please advise on how I can set the template so JS loading is guaranteed to work 


ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Version 2.0.6 is four years old. The following instructions apply to this version only. We've made it easier to modify the HTTP Post form in more recent versions.

Create a class that derives from HttpPostForm and set the HttpPostForm.FormTemplate property. Be careful to preserve the {displayMessage}, {url} and {hiddenFormVariables} substitution parameters.

The following example specifies the template we use in more recent product versions.


using ComponentSpace.Saml2.Bindings.Post;

public class MyHttpPostForm : HttpPostForm
{
  public MyHttpPostForm()
  {
   FormTemplate =
   @"
   <html>
    <body>
    <noscript>
      <p>
      Since your browser doesn't support JavaScript, you must press the Continue button to proceed.
      </p>
    </noscript>
    {displayMessage}
    <form id=""samlform"" action=""{url}"" method=""post"" target=""_self"">
      <div>
      {hiddenFormVariables}
      </div>
      <noscript>
      <div>
       <input type=""submit"" value=""Continue""/>
      </div>
      </noscript>
    </form>
    </body>
    <script>
    function submitForm() {{
      document.forms.samlform.submit();
    }}

    if (document.readyState === ""loading"") {{
      document.addEventListener(""DOMContentLoaded"", submitForm);
    }} else {{
      submitForm();
    }}
    </script>
   </html>
   ";
  }
}



Specify to use this implementation of IHttpPostForm at application start-up.


services.AddSaml(Configuration.GetSection("SAML"));
services.AddSingleton<IHttpPostForm, MyHttpPostForm>();




Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 3 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search