Why signature need in SAML request for ADFS?
Following is the SAML request send to ADFS
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_84e533b7-4310-41de-8ec7-0af7afeb7979" Version="2.0" IssueInstant="2015-12-02T09:44:30Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Destination="https://XXXX.YYYY.ZZZZ/adfs/ls/" AssertionConsumerServiceURL="http://PPP.QQQ.RRR/SPDemo/Consume.aspx">
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">http://XXXX.YYYY.ZZZZ/adfs/services/trust</saml:Issuer>
</samlp:AuthnRequest>
After compressing and converting to Base64String it is redirected to ADFS. URL shown below with SAML request
But I am getting following error
Checking for detail error in Event Viewer I got
It seems that the server required the signed SAML request but I haven't mentioned anywhere that signed SAML request is required. Also SignedSamlRequestsRequired property is set to false
So, Why ADFS 2.0 is asking for signed SAML request?
Is there anything that is needed to be done so that signed SAML request is not required or if required what will be the value of signature that will signed the SAML request?
I am able to solved it.
The problem was with wrong setting of issuer in SAML request.
After setting the appropriate issuer,i.e. http://PPP.QQQ.RRR/SPDemo, as shown in following SAML Request I am able to do SP-Initiated login without any ADFS error
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_bd613bda-e506-4747-91c7-96a4d75c67fc" Version="2.0" IssueInstant="2015-12-03T05:51:52Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Destination="https://XXXX.YYYY.ZZZZ/adfs/ls/" AssertionConsumerServiceURL="https://PPP.QQQ.RRR/SPDemo//Consume.aspx">
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">http://PPP.QQQ.RRR/SPDemo</saml:Issuer>
</samlp:AuthnRequest>
Previously used wrong issuer was http://XXXX.YYYY.ZZZZ/adfs/services/trust
- Laravel 10 - CSRF API request
- Validation and Data Generation Methods in Laravel: Which Method is Better?
- TypeError - ctx.request.body is not a function
- authentication json web token springboot angular
- Swift 3.1 - Unable to fetch facebook friends id
- How to forward a node request using axios?
- Detecting request type in PHP (GET, POST, PUT or DELETE)
- Program and run directly in Azure Container App
- Retry Request When Its Failed
- Access the time stamp of a HTTP request in Node.js
- Node override request IP resolution
- Paging (oracle database)
- How to get HTTP request headers in Ktor
- Unable to verify leaf signature
- Laravel 8+, pass request into route manually, is it possible?
- Opensocial v9 : Is there a way of requesting only certain field from orkut
- Error TS7006: Parameter 'req' implicitly has an 'any' type
- How to solve flutter web api cors error only with dart code?
- Firebase Firestore REST Request - Query and Filter
- @JsonRootName not working with @RequestBody
- Github API is responding with a 403 when using Request's request function
- Adding property to the request using Node and Express
- How to make a get body travel method?
- Proxy does not work in nodejs request module
- http.request body forwarding breaks request
- Not able to scrape the all the reviews
- API binance P2P I only access a part (only the BUY) and not all of it (BUY and SELL)
- Twitter request does not return all followers
- AlamoFire Sending Nil
- iOS Marvel API: How to get all Characters