Exception: ComponentSpace.SAML2.Exceptions.SAMLBindingException: The message is not an HTTP POST - azure-active-directory

I am getting below error when I try to configure my application with Azure AD. Any suggestions ?
7848/7: 10/31/2021 11:49:01 AM: Receiving an SSO response from a partner identity provider.
7848/7: 10/31/2021 11:49:01 AM: Service provider session (2aea9585-e1e1-42d2-a67e-ed47d6ef5f09) state:
7848/7: 10/31/2021 11:49:01 AM: Receiving response over HTTP POST.
7848/7: 10/31/2021 11:49:01 AM: HTTPS request:
GET /SAML/AssertionConsumerService.aspx HTTP/1.1
Connection: keep-alive
7848/7: 10/31/2021 11:49:01 AM: Exception: ComponentSpace.SAML2.Exceptions.SAMLBindingException: The message is not an HTTP POST.

I suggest using the browser developer tools (F12) to capture the network traffic to see what's going on. After logging in at Azure AD, you should see an HTTP Post being sent to your assertion consumer service URL. Hopefully looking at the network traffic will shed light on the issue.

Related

AWS API Gateway: 403 MissingAuthenticationTokenException for /static/js/bundle.js even though Authorization is set as None

I have set up this flow:
external world --> AWS API Gateway ---> VPC Link ---> Network Load Balancer ---> my single EC2 instance
The API Gateway is working because when I input the custom domain in my browser, it successfully visits the frontend service running on my EC2 instance.
However, for /static/js/bundle.js, I'm getting a 403 MissingAuthenticationTokenException error:
But the request to the main domain is ok:
Also, all other resources failed:
/static/js/vendors~main.chunk.js
static/js/main.chunk.js
/favicon.ico
/manifest.json
My frontend is written in React JS.
Note that it says: x-amzn-errortype: MissingAuthenticationTokenException.
But I have set the Authorization to be None:
What is going on?

Cross-Origin Request Blocked: Authentication issue

ABP version 4.4 APP with identity server with angular EF core
my angular client send the username and password to identity server that is part of my abp application (mean same URL for api and identity server) that returns me token but after very next request for "api/abp/application-configuration" return with CORs error.
same application work for QA local environment with local config.
same call for "api/abp/application-configuration" work on app start because that time token is not attached in request header
i check my app setting CorsOrigins are matching with IdentityServerClientCorsOrigins
no space issue both angular and front end on https but with different port. you can verify with logs. one thing is strange in log no protocol attach # respond. (domain:1000)
I check and confirm that this is Authentication issue. by comment these two line and Authorize attribute from class
My application works fine. no issue for cors
app.UseAuthentication();
app.UseJwtTokenMiddleware();
system log
2021-09-04 10:42:24.731 -04:00 [INF] Request starting HTTP/2 OPTIONS https://domain:1000/.well-known/openid-configuration - -
2021-09-04 10:42:24.745 -04:00 [INF] CORS policy execution successful.
2021-09-04 10:42:24.751 -04:00 [INF] Request finished HTTP/2 OPTIONS https://domain:1000/.well-known/openid-configuration - - - 204 - - 19.7919ms
2021-09-04 10:42:24.793 -04:00 [INF] Request starting HTTP/2 GET https://domain:1000/.well-known/openid-configuration - -
2021-09-04 10:42:24.794 -04:00 [INF] CORS policy execution successful.
2021-09-04 10:42:46.050 -04:00 [ERR] Exception occurred while processing message.
System.InvalidOperationException: IDX20803: Unable to obtain configuration from: 'System.String'.
System.IO.IOException: IDX20804: Unable to retrieve document from: 'System.String'.
System.Net.Http.HttpRequestException: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond. (domain:1000)
System.Net.Sockets.SocketException (10060): A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
It is not a CORS issue, instead it is because your API (the UseJwtTokenMiddleware part) can't reach your IdentityServer over HTTP(s). I guess you got some DNS/Certificate/Network issue to resolve.

firebase deployment issue with a react app

I'm trying to deploy my react app on firebase but i get this error:
Error: Failed to list Firebase projects. See firebase-debug.log for more info.
and in the firebase-debug.log file this shows:
[info] First, let's associate this project directory with a Firebase project.
[info] You can create multiple project aliases by running firebase use --add,
[info] but for now we'll just set up a default project.
[info]
[debug] [2021-03-20T19:18:31.200Z] > refreshing access token with scopes: []
[debug] [2021-03-20T19:18:31.202Z] >>> HTTP REQUEST POST https://www.googleapis.com/oauth2/v3/token
[debug] [2021-03-20T19:18:32.948Z] <<< HTTP RESPONSE 200 {"expires":"Mon, 01 Jan 1990 00:00:00
GMT","cache-control":"no-cache, no-store, max-age=0, must-revalidate","date":"Sat, 20 Mar 2021 19:18:28 GMT","pragma":"no-cache","content-type":"application/json; charset=utf-8","vary":"X-Origin, Referer, Origin,Accept-Encoding","server":"scaffolding on HTTPServer2","x-xss-protection":"0","x-frame-options":"SAMEORIGIN","x-content-type-options":"nosniff","alt-svc":"h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"","accept-ranges":"none","transfer-encoding":"chunked"}
[debug] [2021-03-20T19:18:33.023Z] >>> [apiv2][query] GET https://firebase.googleapis.com/v1beta1/projects pageSize=100
[debug] [2021-03-20T19:18:35.619Z] Failed to make request: invalid json response body at https://firebase.googleapis.com/v1beta1/projects?pageSize=100 reason: Unexpected token < in JSON at position 0
[debug] [2021-03-20T19:18:37.235Z] FirebaseError: Failed to make request: invalid json response body at https://firebase.googleapis.com/v1beta1/projects?pageSize=100 reason: Unexpected token < in JSON at position 0
at Client.request (C:\Users\john tucker\AppData\Roaming\npm\node_modules\firebase-tools\lib\apiv2.js:109:19)
at processTicksAndRejections (internal/process/task_queues.js:97:5)
[error]
[error] Error: Failed to list Firebase projects. See firebase-debug.log for more info.
I have already tried to logout and login and made sure that my app exists in the firebase console .
I also get this error when I type firebase init in the terminal :
(node:12720) UnhandledPromiseRejectionWarning: FirebaseError: Failed to make request to https://firebase-public.firebaseio.com/cli.json
at Client.doRequest (C:\Users\john tucker\AppData\Roaming\npm\node_modules\firebase-tools\lib\apiv2.js:211:19)
at processTicksAndRejections (internal/process/task_queues.js:97:5)
(node:12720) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). To terminate the node process on unhandled promise rejection, use the CLI flag --unhandled-rejections=strict (see https://nodejs.org/api/cli.html#cli_unhandled_rejections_mode). (rejection id: 1)
(node:12720) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
You have to follow this steps to deploy your react app online with fire-base hosting :
npm run build => Run the following command to create a build directory with a production build of your app
npm install -g firebase-tools => To host your site with Firebase Hosting, you need the Firebase command-line tool (CLI). Run the following npm command to install the CLI on your system globally
firebase login => If you're not logged in, you'll be asked to enter the credentials for your google account.
firebase init => to initialize firebase in your react app
firebase deploy => Firebase will now run the deploying process and will give you a unique URL where your app is deployed

Getting HTTP 401 Error when using Camel-http4 with proxy and sslcontext

I have existing connection using http4(proxyAuthScheme=http4 and endpoint starts with https://<>) and using proxy and using sslContextParametersRef. it was working fine before.
now we have upgraded our new proxy with new proxy and i am started seeing HTTP 401 Error.
all the credentials correct and working before.
https4://test.org/DownloadHandler.ashx?proxyAuthHost=&authPassword=&bridgeEndpoint=true&authUsername=&proxyAuthScheme=http4&proxyAuthPort=&
throwExceptionOnFailure=true&sslContextParametersRef=sslContextParameters&proxyAuthPassword=&disconnect=true&okStatusCodeRange=200-299&
proxyAuthUsername=
sslContext is configured with correct key store and trust store and with TLSv1.2.
all this configuration working before and with new proxy server entry, i am getting HTTP 401 Error.
also i removed proxyAuthScheme=http4 from endpoint uri and i was getting ssl unverified error which is same as in this post. ( https://camel.465427.n5.nabble.com/Using-the-HTTP4-component-to-make-a-HTTPS-call-behind-proxy-sever-td5719105.html )
any help here would be appreciated.

Error on Karaf (Predix 14.3) - 413 FULL head - 413 (Request Entity Too Large)

I have the following architecture
BROWSER <-> Play Framework 2.2.1 + AngularJS <-(REST)-> Karaf
and it works; when I introduce
BROWSER <-> Apache Revere Proxy <->Play Framework 2.2.1 + AngularJS <-(REST)-> Karaf
it works; when I add OpenID authentication
BROWSER <-> Apache Revere Proxy + OpenId Module <->Play Framework 2.2.1 + AngularJS <-(REST)-> Karaf
I get on the browser
Failed to load resource: the server responded with a status of 413
(Request Entity Too Large)
on the play framework log
Request DefaultHttpRequest(chunked: false) GET
/service/connectc/command/prototypes/null HTTP/1.1 Host:
URLXXXXXXXXX:9090 uid: XXXXXXXX
ge_gessocompanyname: Company sm_first_name: Giacomo
Cookie:......
Response DefaultHttpResponse(chunked: false) HTTP/1.1 413 FULL head
Content-Length: 0 Connection: close Server: Jetty(7.6.8.v20121106)
XXXXXX=url and my id name
Indeed the authentication module introduce a very big header with Authentication token, SAML, Cookies etc...information
any suggestion?
UPDATE: it seems an error of Karaf
I solved the issue enabling HTTPS protocol on KARAF; indeed the HTTP header is too small to host authentication (SAML) header.

Resources