ComponentSpace

Forums



A logout response was unexpectedly received.


A logout response was unexpectedly received.

Author
Message
David
David
New Member
New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)

Group: Awaiting Activation
Posts: 2, Visits: 17

Hi ComponentSpace:

We got an server error when we tried to logout as service provider. We, as service provider, signout locally, then send logout request to identify provider. Then we got this error message, A logout response was unexpectedly received. Can you help us to find/fix the exception?

Thanks,

David


-----------------------------------------------------------------
A logout response was unexpectedly received.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: ComponentSpace.SAML2.Exceptions.SAMLProtocolException: A logout response was unexpectedly received.

Source Error:

Line 15:             string relayState = null;Line 16: Line 17:             SAMLServiceProvider.ReceiveSLO(Request, out isRequest, out logoutReason, out partnerIdP, out relayState);Line 18: Line 19:             if (isRequest) {

ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Hi David
By default we store SAML SSO session state in the ASP.NET session.
I suspect the ASP.NET session is being cleared or abandoned prior to calling SAMLServiceProvider.ReceiveSLO.
Please ensure that your application doesn't clear or abandon the ASP.NET session until after calling SAMLServiceProvider.ReceiveSLO.
If there's sensitive information stored in the session, you can remove these specific entries at the time of logout but don't clear the entire session until after SAML logout completes.

Regards
ComponentSpace Development
David
David
New Member
New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)New Member (3 reputation)

Group: Awaiting Activation
Posts: 2, Visits: 17
ComponentSpace - 12/12/2017
Hi David
By default we store SAML SSO session state in the ASP.NET session.
I suspect the ASP.NET session is being cleared or abandoned prior to calling SAMLServiceProvider.ReceiveSLO.
Please ensure that your application doesn't clear or abandon the ASP.NET session until after calling SAMLServiceProvider.ReceiveSLO.
If there's sensitive information stored in the session, you can remove these specific entries at the time of logout but don't clear the entire session until after SAML logout completes.

Hi ComponentSpace Development,

It is the issue. Thank you so much!

David
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
You're welcome.

Regards
ComponentSpace Development
mani
mani
New Member
New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)

Group: Forum Members
Posts: 2, Visits: 4
gwang - 12/15/2017
ComponentSpace - 12/12/2017
Hi David
By default we store SAML SSO session state in the ASP.NET session.
I suspect the ASP.NET session is being cleared or abandoned prior to calling SAMLServiceProvider.ReceiveSLO.
Please ensure that your application doesn't clear or abandon the ASP.NET session until after calling SAMLServiceProvider.ReceiveSLO.
If there's sensitive information stored in the session, you can remove these specific entries at the time of logout but don't clear the entire session until after SAML logout completes.

Hi ComponentSpace Development,

It is the issue. Thank you so much!

David

Hi David,

What exactly you have done to resolve this issue ? could you please share the resolution and know how .
Thanks in advance.




ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
The release from a couple of years ago stored SAML SSO state in the ASP.NET session.
The application was clearing the ASP.NET session as part of the logout which meant we didn't have SAML SSO state to process the logout message.
The solution was to not clear the ASP.NET session until after SAML logout completed.
More recent releases don't make use of the ASP.NET session.
If you're getting a similar error I suggest enabling SAML trace and sending the generated log file as an email attachment to [email protected] mentioning your forum post.
https://www.componentspace.com/Forums/17/Enabing-SAML-Trace


Regards
ComponentSpace Development
mani
mani
New Member
New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)

Group: Forum Members
Posts: 2, Visits: 4
ComponentSpace - 11/6/2019
The release from a couple of years ago stored SAML SSO state in the ASP.NET session.
The application was clearing the ASP.NET session as part of the logout which meant we didn't have SAML SSO state to process the logout message.
The solution was to not clear the ASP.NET session until after SAML logout completed.
More recent releases don't make use of the ASP.NET session.
If you're getting a similar error I suggest enabling SAML trace and sending the generated log file as an email attachment to [email protected] mentioning your forum post.
https://www.componentspace.com/Forums/17/Enabing-SAML-Trace

Hi team I have just send you the mail please find.
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Received. Thanks.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 2 queries. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search