c# asp.net single-sign-on saml-2.0 component-space

"Error: An SP-initiated SAML response from *IdP* was received unexpectedly", what could cause this error?


I have upgraded to the latest stable version of ComponentSpace.Saml2.Net (6.5.0), so I had to refactor the code, changing the old syntax ("PartnerCertificateString=..., SecondaryPartnerCertificateString=..., etc.") to the newer syntax that uses the "List" to define the certificates used.

When logging in via SSO, I get this error. It was working fine before.

I've searched online for the error and I found this thread on ComponentSpace's forum: https://componentspace.com/forums/12428/ but none of the solutions there seem to work.

I'm using HTTPS and I've added the following rule to the Web.config:

<system.webServer>
   <rewrite>
     <outboundRules>
       <rule name="Set SAML session cookie flags">
         <match serverVariable="RESPONSE_Set_Cookie" pattern="SAML_SessionId=[^;\s]*" />
         <action type="Rewrite" value="{R:0}; Path=/; Secure; HttpOnly; SameSite=None" />
       </rule>
     </outboundRules>
   </rewrite>
</system.webServer>

I can see the SAML_SessionId cookie in the browser's storage.


Solution

  • I have found the answer:

    I've been using MySQL to store SSO Sessions and I had to add UpdateDateTime and ExpirationDateTime columns of type DateTime NULL to the SSOSessions table.

    That was the only issue.

    I found out about the issue by enabling SAML trace and checking the logs (https://www.componentspace.com/Forums/17/Enabing-SAML-Trace).