C# 无法强制转换类型为';ComponentSpace.SAML2.Assertions.samlasertion';输入';System.Xml.xmlement';
我是这里的服务提供商,我使用C#。我的客户机发送SAML响应,在允许用户访问我的服务之前,我尝试验证该响应。对于这个特定的客户端,它在这一行抛出“无法投射”错误C# 无法强制转换类型为';ComponentSpace.SAML2.Assertions.samlasertion';输入';System.Xml.xmlement';,c#,saml-2.0,C#,Saml 2.0,我是这里的服务提供商,我使用C#。我的客户机发送SAML响应,在允许用户访问我的服务之前,我尝试验证该响应。对于这个特定的客户端,它在这一行抛出“无法投射”错误 SAMLAssertion samlAssertion = new SAMLAssertion((XmlElement)(samlResponse.Assertions[0])); 这里samlResponse是samlResponse的对象。断言在samlResponse中,但它无法将该断言强制转换为XmlElement。 错误 无
SAMLAssertion samlAssertion = new SAMLAssertion((XmlElement)(samlResponse.Assertions[0]));
<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="My Webseite URL to receive SAML Response" ID="_3fe7259adc56de5d" IssueInstant="2018-02-20T21:00:57.313Z" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"><saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">IDP URL</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /><ds:Reference URI="#_3fe7259adc56de5d"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" /><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs" /></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /><ds:DigestValue>tuVNmHfn7RPXI1j0bzpoNuzJUXY=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>wOPI5Bjp+NUstb0udKkXslqTS4jZbvWBPj/trdTXHGq343ECWQQRFUsOfoWrFLwKvsfVqcBpMGYnICs4xS+BZU4jGktakyck0xRcRlROaIGeAZY0Ywran821h9CUdLntNqNTGrj5zyPpWGBvmvmr74oVFUo/LmPctuMWLOTfmA2n3b6VrG1YG5YEDb9VodoSWxjyKJNmZNFSriWX79U+WkTw1N3h6z4BryJwMbsMeIQN9TkwkL/qzBKSt5z1+gF54KBBm4GvJ59+Ko8mt0TflJsmSVsxq68eyqvBZp6hvDVMbNC1JRim4q+BHRU3C1OANCHM4ZUOhpKdG7Xo2VHLXw==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>Certificate </ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Status><saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" /></saml2p:Status><saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_3fd1bf8e757aecea" IssueInstant="2018-02-20T21:00:57.313Z" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">IDP URL</saml2:Issuer><saml2:Subject><saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">110015</saml2:NameID><saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml2:SubjectConfirmationData NotOnOrAfter="2018-02-20T21:03:57.313Z" Recipient="My Webseite to receive saml response" /></saml2:SubjectConfirmation></saml2:Subject><saml2:Conditions NotBefore="2018-02-20T20:57:57.313Z" NotOnOrAfter="2018-02-20T21:03:57.313Z"><saml2:AudienceRestriction><saml2:Audience>My website url to receive saml response</saml2:Audience></saml2:AudienceRestriction></saml2:Conditions><saml2:AuthnStatement AuthnInstant="2018-02-20T20:57:57.313Z" SessionIndex="_3fd1bf8e757aecea"><saml2:SubjectLocality Address="216.6.202.133" /><saml2:AuthnContext><saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef></saml2:AuthnContext></saml2:AuthnStatement><saml2:AttributeStatement><saml2:Attribute FriendlyName="NameID" Name="NameId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">110015</saml2:AttributeValue></saml2:Attribute></saml2:AttributeStatement></saml2:Assertion></saml2p:Response>
IDP2)2)vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvQVBZP6HVDVMBNC1JRIM4Q+BHRU3C1OANCHM4ZUOhpKdG7Xo2VHLXw==证书IDP URL110015My接收saml响应的网站url url N:oasis:names:tc:saml:2.0:ac:classes:PasswordProtectedTransport110015
PS:我使用sample中的签名断言测试了saml响应,它使用相同的代码工作良好 我刚刚在继承的代码库中遇到了完全相同的问题,抛出异常的代码行与您的代码行完全相同 到目前为止,我得到的是属性断言包含三种不同的内容: 该列表可能包含未加密和未签名的SAML断言作为SAMLAssertion对象,签名的SAML断言作为XmlElement对象,加密的SAML断言作为EncryptedAssertion对象 我比较了我们的SAML响应,似乎相似之处在于我们的签名元素不是断言元素的子元素 我联系了IdP,要求他们在声明中添加签名,这似乎为我们解决了这个问题 列出依赖于数据的不同类型的项目,在我的书中有点难闻