The best option is to enable the SAML trace.
Note that ReceiveSsoAsync is part of our SAML product for ASP.NET Core.
Enabling trace is the best option when debugging issues.
https://www.componentspace.com/Forums/7936/Enabling-SAML-Trace
The trace captures the SAML response and includes details about signature failures etc.
Thank you for your information.
I am using NLog instead of AddSerilog.
I use the logic as you mentioned and appsettings is also configured with LowLevel Warning. It logs the error but doesn't have the SAML response in it.
Below is the code in Program.cs:
public static IWebHost BuildWebHost(string[] args) =>
    WebHost.CreateDefaultBuilder(args)
        .UseKestrel()
        .UseContentRoot(Directory.GetCurrentDirectory())
        .UseIISIntegration()
        .UseStartup<Startup>()
        .ConfigureLogging(logging =>
        {
            logging.ClearProviders();
            logging.SetMinimumLevel(Microsoft.Extensions.Logging.LogLevel.Trace);
        })
        .UseNLog() // NLog: setup NLog for Dependency injection
        .Build();
Error logs:
at ComponentSpace.Saml2.SamlServiceProvider.ReceiveSsoAsync()
2018-09-17 13:09:46.2119|ERROR|DESKTOP-E17ARME|YourCause.IdentityServer|Connection id "0HLGSP1P7LD11", Request id "0HLGSP1P7LD11:00000002": An unhandled exception was thrown by the application.System.Exception: An error was encountered while handling the remote login. ---> System.AggregateException: One or more errors occurred. (The SAML response isn't signed.) ---> ComponentSpace.Saml2.Exceptions.SamlSignatureException: The SAML response isn't signed.
at ComponentSpace.Saml2.SamlServiceProvider.VerifySamlResponseSignatureAsync(XmlElement samlResponseElement)
at ComponentSpace.Saml2.SamlServiceProvider.ProcessSamlResponseAsync(XmlElement samlResponseElement)
at ComponentSpace.Saml2.SamlServiceProvider.ReceiveSsoAsync()
--- End of inner exception stack trace ---
at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)
at YourCause.IdentityServer.Host.Security.Saml2.Saml2AuthenticationHandler.HandleRemoteAuthenticateAsync() in C:\anilkhadka\YourCause\application\YourCauseProject\IdentityServer\YourCause.IdentityServer.v2\YourCause.IdentityServer.Host\Security\Saml2\Saml2AuthenticationHandler.cs:line 125
at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
--- End of inner exception stack trace ---
at Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler`1.HandleRequestAsync()
at IdentityServer4.Hosting.FederatedSignOut.AuthenticationRequestHandlerWrapper.HandleRequestAsync() in C:\local\identity\server4\IdentityServer4\src\IdentityServer4\Hosting\FederatedSignOut\AuthenticationRequestHandlerWrapper.cs:line 38
at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.Cors.Infrastructure.CorsMiddleware.Invoke(HttpContext context)
at IdentityServer4.Hosting.BaseUrlMiddleware.Invoke(HttpContext context) in C:\local\identity\server4\IdentityServer4\src\IdentityServer4\Hosting\BaseUrlMiddleware.cs:line 36
at Microsoft.AspNetCore.Diagnostics.StatusCodePagesMiddleware.Invoke(HttpContext context)
at Microsoft.AspNetCore.StaticFiles.StaticFileMiddleware.Invoke(HttpContext context)
at YourCause.IdentityServer.Host.Startup.<>c.<<Configure>b__6_0>d.MoveNext() in C:\anilkhadka\YourCause\application\YourCauseProject\IdentityServer\YourCause.IdentityServer.v2\YourCause.IdentityServer.Host\Startup.cs:line 122
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.AspNetCore.Server.IISIntegration.IISMiddleware.Invoke(HttpContext httpContext)
at Microsoft.AspNetCore.Server.Kestrel.Core.Internal.Http.HttpProtocol.ProcessRequests[TContext](IHttpApplication`1 application)
Please let me know if you need more information.