Please update
Need help with the 500 Internal Server Error while authenticating Azure Active Directory using SAML in .Net 6.0 Core
Swamynathan Karthikeyan
I'm getting the 500 Internal Server Error while authenticating Azure Active Directory using SAML in .Net 6.0 Core. The same piece of code works in Dev and QA but fails in the Prod environment.
Below is the error message:
```
IDX20803: Unable to obtain configuration from: 'System.String'. ==>
   at Microsoft.IdentityModel.Protocols.ConfigurationManager`1.GetConfigurationAsync(CancellationToken cancel)
   at Microsoft.AspNetCore.Authentication.WsFederation.WsFederationHandler.HandleChallengeAsync(AuthenticationProperties properties)
   at Microsoft.AspNetCore.Authentication.AuthenticationHandler`1.ChallengeAsync(AuthenticationProperties properties)
   at Microsoft.AspNetCore.Authentication.AuthenticationService.ChallengeAsync(HttpContext context, String scheme, AuthenticationProperties properties)
   at Microsoft.AspNetCore.Authorization.Policy.AuthorizationMiddlewareResultHandler.HandleAsync(RequestDelegate next, HttpContext context, AuthorizationPolicy policy, PolicyAuthorizationResult authorizeResult)
   at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
   at Microsoft.AspNetCore.Diagnostics.ExceptionHandlerMiddleware.<Invoke>g__Awaited|6_0(ExceptionHandlerMiddleware middleware, HttpContext context, Task task)
```
Below is the code in Startup.cs -> ConfigureServices:
```csharp
// Requires: System.Security.Cryptography.X509Certificates, Microsoft.IdentityModel.Tokens,
// Microsoft.AspNetCore.Authentication.Cookies, Microsoft.AspNetCore.Authentication.WsFederation

// Load the token-signing certificate from a Base64-encoded configuration value.
var rawCertData = Convert.FromBase64String(Configuration.GetValue<string>("SamlBase64String"));
X509Certificate2 cert = new X509Certificate2(rawCertData);
SecurityKey signingKey = new X509SecurityKey(cert);

var _tokenValidationParameters = new TokenValidationParameters
{
    ValidateIssuer = true,
    ValidateAudience = false, // ValidAudience below is not checked while this is false
    ValidateLifetime = true,
    ValidateIssuerSigningKey = true,
    ValidAudience = Configuration.GetValue<string>("SamlentityId"),
    IssuerSigningKey = signingKey
};

// Cookies hold the session; unauthenticated requests are challenged through WS-Federation.
servicesCollection.AddAuthentication(sharedOptions =>
{
    sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    sharedOptions.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    sharedOptions.DefaultChallengeScheme = WsFederationDefaults.AuthenticationScheme;
})
.AddWsFederation(options =>
{
    options.Wtrealm = Configuration.GetValue<string>("SamlentityId");
    // The federation metadata document is downloaded from this address at challenge time.
    options.MetadataAddress = Configuration.GetValue<string>("SamlMetadataAddress");
    options.CallbackPath = Configuration.GetValue<string>("SamlCallbackPath");
    options.TokenValidationParameters = _tokenValidationParameters;
    options.RequireHttpsMetadata = true;
    options.Events.OnSecurityTokenValidated = async ctx =>
    {
        // Get valid user from ctx
        // (the rest of the handler is not included in the post)
    };
});
```
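An added diagnostic example, not part of the original question or the poster's code: a small .NET 6 console program that repeats the `ConfigurationManager.GetConfigurationAsync` call from the stack trace on the failing host and prints the inner exception chain that IDX20803 wraps. It assumes the NuGet package Microsoft.IdentityModel.Protocols.WsFederation is referenced and that an environment variable named `SAML_METADATA_ADDRESS` (a name chosen for this example) holds the same value as the app's `SamlMetadataAddress` setting.

```csharp
// Added diagnostic example (not the poster's code). Run it on the failing host.
// SAML_METADATA_ADDRESS is a name chosen for this example; set it to the same
// value the app reads from "SamlMetadataAddress".
using System;
using System.Threading;
using Microsoft.IdentityModel.Logging;
using Microsoft.IdentityModel.Protocols;
using Microsoft.IdentityModel.Protocols.WsFederation;

// Show real values instead of type names such as 'System.String' in IDX messages.
// Diagnostic use only: this setting also exposes PII in logs.
IdentityModelEventSource.ShowPII = true;

var address = Environment.GetEnvironmentVariable("SAML_METADATA_ADDRESS");
if (string.IsNullOrWhiteSpace(address))
{
    Console.Error.WriteLine("SAML_METADATA_ADDRESS is empty: check that the setting exists on this host.");
    return 2;
}
if (!Uri.TryCreate(address, UriKind.Absolute, out var uri) || uri.Scheme != Uri.UriSchemeHttps)
{
    Console.Error.WriteLine($"'{address}' is not an absolute https URL; RequireHttpsMetadata = true rejects it.");
    return 2;
}

// Same ConfigurationManager<T>.GetConfigurationAsync call that appears in the stack trace.
var manager = new ConfigurationManager<WsFederationConfiguration>(
    address,
    new WsFederationConfigurationRetriever(),
    new HttpDocumentRetriever { RequireHttps = true });

try
{
    var config = await manager.GetConfigurationAsync(CancellationToken.None);
    Console.WriteLine($"OK issuer={config.Issuer} signingKeys={config.SigningKeys.Count}");
    return 0;
}
catch (Exception ex)
{
    // IDX20803 is the outer wrapper; the inner exceptions name the real failure
    // (DNS, proxy, TLS handshake, HTTP status, or malformed metadata XML).
    for (var e = ex; e != null; e = e.InnerException)
        Console.Error.WriteLine($"{e.GetType().Name}: {e.Message}");
    return 1;
}
```

Running it under the same account and network path as the production app pool matters, since outbound proxy and TLS settings can differ per identity and per host.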