我创建了一个SSO服务,用于将我的个人SP与我在Windows Server 2012上配置的IdP进行交互。我可以轻松登录到IdP,但是当我的SP向IDP发送工件请求时,它无法在IdP&处理#39; s方面,我得到以下错误:
A SAML request for the required artifact was rejected because the artifact resolution service is not enabled.
Relying party: microsoft:identityserver:sp.abcd.com
This request failed.
User Action
Enable the artifact resolution service.
Use the AD FS Management snap-in to configure or enable the SAML artifact resolution endpoint.
然后在ADFS管理中我启用了工件解析端点服务,但仍然无法解决此问题。如果我缺少任何配置,请建议。
我也得到例外:
Exception details:
Microsoft.IdentityServer.Service.ArtifactResolutionService.ArtifactRequestedFromDisabledServiceException: MSIS3114: SAML request for relying party trust 'microsoft:identityserver:sp.abcd.com' required artifact and was rejected because artifact service is not enabled.
at Microsoft.IdentityServer.Service.SamlProtocol.EndpointResolver.FindSamlResponseEndpointForAuthenticationRequest(Boolean artifactEnabled, AuthenticationRequest request, ScopeDescription scopeDescription)
at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolManager.GetResponseEndpointFromRequest(SamlRequest request, Boolean isUrlTranslationNeeded, ScopeDescription scope)
at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolManager.Issue(HttpSamlRequestMessage httpSamlRequestMessage, SecurityTokenElement onBehalfOf, String sessionState, String relayState, String& newSamlSession, String& samlpAuthenticationProvider, Boolean isUrlTranslationNeeded, WrappedHttpListenerContext context, Boolean isKmsiRequested)
at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.RequestBearerToken(WrappedHttpListenerContext context, HttpSamlRequestMessage httpSamlRequest, SecurityTokenElement onBehalfOf, String relyingPartyIdentifier, Boolean isKmsiRequested, Boolean isApplicationProxyTokenRequired, String& samlpSessionState, String& samlpAuthenticationProvider)
at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.BuildSignInResponseCoreWithSerializedToken(HttpSamlRequestMessage httpSamlRequest, WrappedHttpListenerContext context, String relyingPartyIdentifier, SecurityTokenElement signOnTokenElement, Boolean isKmsiRequested, Boolean isApplicationProxyTokenRequired)
at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.BuildSignInResponseCoreWithSecurityToken(SamlSignInContext context, SecurityToken securityToken, SecurityToken deviceSecurityToken)
at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.Process(ProtocolContext context)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.ProcessProtocolRequest(ProtocolContext protocolContext, PassiveProtocolHandler protocolHandler)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)