The SAML SSO API always accesses SAML configuration through the SAMLController.ConfigurationResolver property. It never directly accesses the built-in implementation of ISAMLConfigurationResolver.
There are three different ways to supply SAML configuration.
1. Include a saml.config file. The SAML configuration is loaded into memory, the built-in implementation of ISAMLConfigurationResolver is initialized with this configuration and the SAMLController.ConfigurationResolver property set.
2. Use the SAMLController.Configurations or SAMLController.Configuration property to specify the configuration programmatically. In a similar manner, the built-in implementation of ISAMLConfigurationResolver is initialized with this configuration and the SAMLController.ConfigurationResolver property set.
3. Set the SAMLController.ConfigurationResolver property with a custom implementation of ISAMLConfigurationResolver.
Your implementation of ISAMLConfigurationResolver is accessing the SAMLController.Configurations property. If you accessed the setter for this property it would initialize the built-in implementation of ISAMLConfigurationResolver as outlined in #2 above. If you only accessed the getter it would return an empty SAML configuration.
I'm not sure exactly what's going on here but your custom implementation of ISAMLConfigurationResolver shouldn't be attempting to retrieve its configuration from the SAMLController.Configurations or SAMLController.Configuration properties. Instead, it should retrieve it from wherever you're storing the configuration (eg a custom database).
Also, make sure to set the SAMLController.ConfigurationResolver property once only at application start-up before any of the other SAML APIs are called.
If there's still an issue, please enable SAML trace and send the generated log file as an email attachment to [email protected]
mentioning your forum post.https://www.componentspace.com/Forums/17/Enabing-SAML-Trace
Also, please include your configuration resolver source code.