Error in response while using SAML oneLogin code to connect to ADFS as iDP
We are able to log in to the ADFS iDP through the SAML OneLogin Java application. We have followed the steps below to edit the claim rules of the Relying Party (ADFS) to:
But it gives the below exception:
Microsoft.IdentityServer.Protocols.Saml.InvalidNameIdPolicyException: MSIS7070: The SAML request contained a NameIDPolicy that was not satisfied by the issued token. Requested NameIDPolicy: AllowCreate: True Format: urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress SPNameQualifier: . Actual NameID properties: null.
Please advise how to resolve this error. Thanks for your help.
I have resolved this exception. It required adding an email address in the properties of Active Directory Users and Computers on the ADFS server. Also, the NameID format property should be set as "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress". Thanks everyone for your support. Hopefully, this might help someone.
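The mismatch behind MSIS7070, written as a service-provider-side diagnostic (an added example, not code from the original post or from the OneLogin toolkit): it compares the NameIDPolicy Format in an AuthnRequest with the NameID in the response. The function names and the sample messages are constructed for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
      "saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
EMAIL = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
INVALID_POLICY = "urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy"


def check_nameid_policy(authn_request_xml, response_xml):
    """Return None if the response satisfies the requested NameIDPolicy,
    otherwise a short reason. Diagnostic only: no signature validation."""
    policy = ET.fromstring(authn_request_xml).find("samlp:NameIDPolicy", NS)
    wanted = policy.get("Format", UNSPECIFIED) if policy is not None else UNSPECIFIED
    response = ET.fromstring(response_xml)
    # Status codes can be nested, so collect every level.
    codes = [c.get("Value") for c in response.iter("{%s}StatusCode" % NS["samlp"])]
    if INVALID_POLICY in codes:
        return "IdP rejected the NameIDPolicy (requested %s)" % wanted
    name_id = response.find("saml:Assertion/saml:Subject/saml:NameID", NS)
    if name_id is None or not (name_id.text or "").strip():
        return "no NameID issued (requested %s)" % wanted
    # A NameID without a Format attribute counts as "unspecified".
    actual = name_id.get("Format", UNSPECIFIED)
    if wanted != UNSPECIFIED and actual != wanted:
        return "NameID format %s does not match requested %s" % (actual, wanted)
    return None


# Constructed sample messages; IDs, timestamps and signatures are omitted.
REQUEST = ('<samlp:AuthnRequest xmlns:samlp="%s"><samlp:NameIDPolicy Format="%s" '
           'AllowCreate="true"/></samlp:AuthnRequest>' % (NS["samlp"], EMAIL))


def sample_response(subject_xml):
    return ('<samlp:Response xmlns:samlp="%s" xmlns:saml="%s"><samlp:Status>'
            '<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>'
            '</samlp:Status><saml:Assertion><saml:Subject>%s</saml:Subject>'
            '</saml:Assertion></samlp:Response>' % (NS["samlp"], NS["saml"], subject_xml))


GOOD = sample_response('<saml:NameID Format="%s">user@example.com</saml:NameID>' % EMAIL)
NO_EMAIL = sample_response("")  # constructed: Subject carries no NameID
PERSISTENT = sample_response('<saml:NameID Format="urn:oasis:names:tc:SAML:2.0:'
                             'nameid-format:persistent">a1b2c3</saml:NameID>')

if __name__ == "__main__":
    for label, resp in (("good", GOOD), ("no email", NO_EMAIL), ("persistent", PERSISTENT)):
        print(label, "->", check_nameid_policy(REQUEST, resp) or "satisfied")
```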