Why signature need in SAML request for ADFS?
Following is the SAML request send to ADFS
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_84e533b7-4310-41de-8ec7-0af7afeb7979" Version="2.0" IssueInstant="2015-12-02T09:44:30Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Destination="https://XXXX.YYYY.ZZZZ/adfs/ls/" AssertionConsumerServiceURL="http://PPP.QQQ.RRR/SPDemo/Consume.aspx">
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">http://XXXX.YYYY.ZZZZ/adfs/services/trust</saml:Issuer>
</samlp:AuthnRequest>
After compressing and converting to Base64String it is redirected to ADFS. URL shown below with SAML request
But I am getting following error
Checking for detail error in Event Viewer I got
It seems that the server required the signed SAML request but I haven't mentioned anywhere that signed SAML request is required. Also SignedSamlRequestsRequired property is set to false
So, Why ADFS 2.0 is asking for signed SAML request?
Is there anything that is needed to be done so that signed SAML request is not required or if required what will be the value of signature that will signed the SAML request?
I am able to solved it.
The problem was with wrong setting of issuer in SAML request.
After setting the appropriate issuer,i.e. http://PPP.QQQ.RRR/SPDemo, as shown in following SAML Request I am able to do SP-Initiated login without any ADFS error
<?xml version="1.0" encoding="UTF-8"?>
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_bd613bda-e506-4747-91c7-96a4d75c67fc" Version="2.0" IssueInstant="2015-12-03T05:51:52Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Destination="https://XXXX.YYYY.ZZZZ/adfs/ls/" AssertionConsumerServiceURL="https://PPP.QQQ.RRR/SPDemo//Consume.aspx">
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">http://PPP.QQQ.RRR/SPDemo</saml:Issuer>
</samlp:AuthnRequest>
Previously used wrong issuer was http://XXXX.YYYY.ZZZZ/adfs/services/trust
- Client request fails with 502 after 2 minutes
- Difference between express.js and axios.js in Node
- Saving a Postman collection variable from the response body
- Rust Rocket, how to Access Data from a Request URI Query
- WordPress PHP script not correctly being called by Javascript
- Node Express is not sending a custom error message
- CakePHP: Find if is mobile browser in a helper (no access to request handler)
- Request fails when using httpx in python but is successful using Request
- How to automate scraping wikipedia-info box specifically and print the data using python for more (other) wiki page?
- How are parameters sent in an HTTP POST request?
- 403 Error When Making HTTP Request with Retrofit in Kotlin
- Persistent Service Worker in Chrome Extension
- System.Net.WebException in simple HTTPS Request
- Why do HTTPS requests produce SSL CERTIFICATE_VERIFY_FAILED error?
- ERROR API Binance convert limit placeOrder
- Python change instagram profile-picture with requests
- ECONNREFUSED nodeJS with express inside docker container
- ESP8266 and POST request
- Laravel 11 validation requiring a single item in an array has to be one of the following
- Deserializing a JSON object that doesn't work if there are uppercase letters
- Is it right that I have to connect to the server before every request?
- How to send Base64 Image encoded as JSON from C# client to Python FastAPI server?
- Asyncio lock not working when fetching data from API asynchronously
- Laravel validation timesout for huge data
- Sending POST request with Fetch after closing the browser with 'beforeunload' / 'unload' eventlistener is not working
- How to get response SSL certificate from requests in python?
- Does Request.Url.Host include the subdomain?
- Add nested array to Laravel request
- Refit - FromForm / Multipart method not working with request object
- How can I mock requests and the response?