ComponentSpace

Forums



The SAML assertion signature failed to verify


The SAML assertion signature failed to verify

Author
Message
Ymly
Ymly
New Member
New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)New Member (2 reputation)

Group: Forum Members
Posts: 1, Visits: 10
Hello,

I am currently testing the ComponentSpace library to connect my Web application to an Azure AD for testing pupose. After reading the documentation, I am  trying to implement the connection with the given example (ExampleServiceProvider - WebForm).

However I am facing the "The SAML assertion signature failed to verify" error message during the assertion (in the callback page AssertionConsumerService.aspx). Here is the log :

4872/27: 11/06/2020 14:23:27: The X.509 certificate with subject name CN=accounts.accesscontrol.windows.net and serial number XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX is embedded in the XML signature.
4872/27: 11/06/2020 14:23:27: The verifying key type is RSACryptoServiceProvider.
4872/27: 11/06/2020 14:23:27: The verifying key's associated cryptographic service provider is "".
4872/27: 11/06/2020 14:23:27: Exception: ComponentSpace.SAML2.Exceptions.SAMLSignatureException: The SAML assertion signature failed to verify.
4872/27: 11/06/2020 14:23:28:  at ComponentSpace.SAML2.InternalSAMLServiceProvider.VerifySAMLAssertionSignature(Object samlAssertion)
 at ComponentSpace.SAML2.InternalSAMLServiceProvider.GetSAMLAssertion(SAMLResponse samlResponse, XmlElement samlResponseElement)
 at ComponentSpace.SAML2.InternalSAMLServiceProvider.ProcessSAMLResponse(XmlElement samlResponseElement, Boolean& isInResponseTo, String& authnContext, String& userName, SAMLAttribute[]& attributes)
 at ComponentSpace.SAML2.InternalSAMLServiceProvider.ReceiveSSO(HttpRequest httpRequest, Boolean& isInResponseTo, String& partnerIdP, String& authnContext, String& userName, SAMLAttribute[]& attributes, String& relayState)
 at ComponentSpace.SAML2.SAMLServiceProvider.ReceiveSSO(HttpRequest httpRequest, Boolean& isInResponseTo, String& partnerIdP, String& authnContext, String& userName, IDictionary`2& attributes, String& relayState)
 at ExampleServiceProvider.SAML.AssertionConsumerService.Page_Load(Object sender, EventArgs e) in D:\Downloads\ComponentSpace\SAML for .NET\Examples\SSO\WebForms\ExampleServiceProvider\SAML\AssertionConsumerService.aspx.cs:line 23
 at System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e)
 at System.Web.UI.Control.OnLoad(EventArgs e)
 at System.Web.UI.Control.LoadRecursive()
 at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
 at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
 at System.Web.UI.Page.ProcessRequest()
 at System.Web.UI.Page.ProcessRequestWithNoAssert(HttpContext context)
 at System.Web.UI.Page.ProcessRequest(HttpContext context)
 at ASP.saml_assertionconsumerservice_aspx.ProcessRequest(HttpContext context) in c:\Windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\vs\32e6c620\2f2da05c\App_Web_cjho2sgs.2.cs:line 0
 at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
 at System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step)
 at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
 at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error)
 at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb)
 at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)
 at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
 at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)

Any help is appreciated, Thanks.
ComponentSpace
ComponentSpace
ComponentSpace Development
ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)ComponentSpace Development (4.4K reputation)

Group: Administrators
Posts: 3.2K, Visits: 11K
Please check that the correct partner certificate is configured. The log includes the certificate that's embedded in the signature. This should be the certificate specified in your SAML configuration.

"The X.509 certificate with subject name CN=accounts.accesscontrol.windows.net and serial number XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX is embedded in the XML signature."

If there's still an issue, please send the complete log file as an email attachment to [email protected] mentioning your forum post.

Regards
ComponentSpace Development
GO


Similar Topics


Execution: 0.000. 1 query. Compression Enabled.
Login
Existing Account
Email Address:


Password:


Select a Forum....












Forums, Documentation & Knowledge Base - ComponentSpace


Search