SAMLIdentityProvider.InitiateSSO supports IdP-initiated SSO by creating and sending a SAML response to the SP. The alternative flow is SP-initiated SSO where you call SAMLIdentityProvider.ReceiveSSO to receive and process the SAML authn request sent by the SP and after the user is authenticated you call SAMLIdentityProvider.SendSSO to create and send a SAML response to the SP. In both cases the SAML response is sent to the configured AssertionConsumerServiceUrl. Can you confirm whether you're supporting IdP-initiated or SP-initiated SSO? Is https://login-redirect-url an endpoint in your IdP? If so, as well as the RelayState query string parameter, is there a SAMLRequest parameter? I recommend enabling SAML trace and sending the generated log file as an email attachment to [email protected] mentioning your forum post. We can then take a closer look at what's happening. https://www.componentspace.com/Forums/17/Enabing-SAML-Trace
Regards ComponentSpace Development
|