Reputation: 127
SAML authentication request for the WebSSO profile must not specify any SubjectConfirmations
I'm developing ADFS related project with SAML 2.0 protocol. My application is acting as ServiceProvider. When I typed my credentials and clicked on sign in button, an error occurred. The error statement is An error occurred. Contact your administrator for more information. When I checked the Event Viewer of my windows Server 2012 at which ADFS is installed, it displays the below error detail
Data Saml
Data http://DomainName/adfs/services/trust
Data Microsoft.IdentityServer.Protocols.Saml.SamlProtocolSignatureVerificationException: MSIS7075: SAML authentication request for the WebSSO profile must not specify any SubjectConfirmations. at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolManager.ValidateSignatureRequirements(SamlMessage samlMessage) at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolManager.Issue(HttpSamlRequestMessage httpSamlRequestMessage, SecurityTokenElement onBehalfOf, String sessionState, String relayState, String& newSamlSession, String& samlpAuthenticationProvider, Boolean isUrlTranslationNeeded, WrappedHttpListenerContext context, Boolean isKmsiRequested) at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.RequestBearerToken(WrappedHttpListenerContext context, HttpSamlRequestMessage httpSamlRequest, SecurityTokenElement onBehalfOf, String relyingPartyIdentifier, Boolean isKmsiRequested, Boolean isApplicationProxyTokenRequired, String& samlpSessionState, String& samlpAuthenticationProvider) at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.BuildSignInResponseCoreWithSerializedToken(HttpSamlRequestMessage httpSamlRequest, WrappedHttpListenerContext context, String relyingPartyIdentifier, SecurityTokenElement signOnTokenElement, Boolean isKmsiRequested, Boolean isApplicationProxyTokenRequired) at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.BuildSignInResponseCoreWithSecurityToken(SamlSignInContext context, SecurityToken securityToken, SecurityToken deviceSecurityToken) at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.Process(ProtocolContext context) at Microsoft.IdentityServer.Web.PassiveProtocolListener.ProcessProtocolRequest(ProtocolContext protocolContext, PassiveProtocolHandler protocolHandler) at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)
Upvotes: 0
Views: 260
Answers (0)
Related Questions
- SAP SAML authentication doesn't accept WS-TRUST URI token
- Spring security ADFS SSO integration - Response doesn't have any valid assertion which would pass subject validation
- ADFS SAML request is not signed with expected signature algorithm
- Client Side ADFS configuration for SAML based WebSSO protocol
- Signature validation failed for SAML Response
- SAML request for SSO from Service provider to ADFS in asp.net C#
- Error "WIF10201: No valid key mapping found" when trying to create claims from SAML
- Requested Authentication Method is not supported on the STS
- Message: ID4223: The SamlSecurityToken is rejected because the SamlAssertion.NotOnOrAfter condition is not satisfied
- SAML WebSSO profile implementation