Forums, Documentation & Knowledge Base - ComponentSpace

Implementing a Service Provider for AWS SSO


https://componentspace.com/forums/Topic11577.aspx

By chezlui - 5/14/2021

Hi.

I need some help, as I am now blocked.
I am coding a web page in ASP.NET.

I want a User Logged in from AWS to use My Application.
1) User is Logged in AWS
2) User Clicks on My Application. AWS calls my web page init.aspx
3) Here is the code in Init.aspx


4) I get this error from AWS:


Here is the saml.config



Here is the AWS SSO Configuration


Can you see where the problem is?
For the full-size images, I have uploaded the files.
Thanks



By ComponentSpace - 5/14/2021

Thanks for including these details.

The SAML authn request sent to AWS when you call SAMLServiceProvider.InitiateSSO includes the assertion consumer service URL configured in your saml.config.

AWS is performing a check to ensure this URL matches the ACS URL configured in AWS.

This URL is using HTTP rather than HTTPS. The SAML specification recommends and we require the use of HTTPS. We automatically convert the assertion consumer service URL configured in your saml.config to HTTPS. This is mostly to cover scenarios where a network node terminates SSL. This behaviour can be turned off but if you use HTTP you'll run into other issues regarding SAML session state.

My recommendation is to use HTTPS for your application and update your saml.config and AWS accordingly.

If there's still an issue, please enable SAML trace and send the generated log file as an email attachment to [email protected] mentioning your forum post.

https://www.componentspace.com/Forums/17/Enabing-SAML-Trace
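
A diagnostic for the ACS URL check described in the reply above, added here as an example (it is not ComponentSpace's or the poster's code): it decodes a SAMLRequest value captured from the browser, reads the AssertionConsumerServiceURL the service provider actually sent, and compares it with the ACS URL registered in AWS. The function names, the sample request and the app.example.com URLs are constructed for illustration; it assumes the request was sent with the HTTP-Redirect or HTTP-POST binding.

```python
import base64
import zlib
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

SAMLP_NS = "urn:oasis:names:tc:SAML:2.0:protocol"

def decode_saml_request(value: str) -> str:
    """Base64-decode a SAMLRequest; inflate it if it came via HTTP-Redirect."""
    raw = base64.b64decode(value)
    try:
        return zlib.decompress(raw, -15).decode("utf-8")  # raw DEFLATE
    except zlib.error:
        return raw.decode("utf-8")  # HTTP-POST binding is not compressed

def sent_acs_url(value: str):
    """Return AssertionConsumerServiceURL from your own SP's AuthnRequest."""
    root = ET.fromstring(decode_saml_request(value))
    if root.tag != f"{{{SAMLP_NS}}}AuthnRequest":
        raise ValueError("not a SAML AuthnRequest")
    return root.get("AssertionConsumerServiceURL")

def _parts(url: str):
    """Scheme, host, port (None when default) and path, for comparison."""
    p = urlsplit(url)
    scheme = p.scheme.lower()
    port = None if p.port == {"http": 80, "https": 443}.get(scheme) else p.port
    return scheme, (p.hostname or "").lower(), port, p.path

def check_acs(value: str, registered_acs: str) -> str:
    """Compare the ACS URL the SP sends with the one registered at the IdP."""
    sent = sent_acs_url(value)
    if sent is None:
        return "missing"
    s, r = _parts(sent), _parts(registered_acs)
    if s == r:
        return "match"
    # Same host, port and path but http vs https: the case from this thread.
    return "scheme-mismatch" if s[1:] == r[1:] else "mismatch"

def build_sample_request(acs_url: str, deflate: bool = True) -> str:
    """Constructed AuthnRequest for the demo; not captured from a real SP."""
    xml = (f'<samlp:AuthnRequest xmlns:samlp="{SAMLP_NS}" ID="_constructed" '
           f'Version="2.0" AssertionConsumerServiceURL="{acs_url}"/>').encode()
    if deflate:
        c = zlib.compressobj(9, zlib.DEFLATED, -15)
        xml = c.compress(xml) + c.flush()
    return base64.b64encode(xml).decode("ascii")
```

A "scheme-mismatch" result means the request and the identity provider agree on everything except http versus https, which is fixed by registering the HTTPS URL on both sides.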