locked
adfs : System.FormatException: Index (zero based) must be greater than or equal to zero and less than the size of the argument list. RRS feed

  • Question

  • Hello,

    I have an error on my ADFS server v3. I have set a new application and i have an error

    Below some details:

    Request authentication:

    <samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_64f656cf-ebd1-4e8c-a61d-d05cdc28ee04" Version="2.0" IssueInstant="2018-11-28T16:33:22.307Z" Destination="https://ADFS" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="https://url.relaying.party">     <saml:Issuer>https://url.relaying.party</saml:Issuer>     <samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" AllowCreate="true"/> </samlp:AuthnRequest>

    Response :

    <samlp:Response ID="_eaa96016-a721-42fc-a1e4-e2ef5ef230cc" Version="2.0" IssueInstant="2018-11-28T13:41:59.513Z" Destination="https://url.relaying.party" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" InResponseTo="_91c64367-6970-409b-b458-7ff68c5c948a" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">

        <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">http://ADFS/adfs/services/trust</Issuer>

        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

            <ds:SignedInfo>

                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />

                <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />

                <ds:Reference URI="#_eaa96016-a721-42fc-a1e4-e2ef5ef230cc">

                    <ds:Transforms>

                        <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />

                        <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />

                    </ds:Transforms>

                    <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256" />

                    <ds:DigestValue>JOL4dFssqJ/UVTb3ssdoWFjQZZerdA7IaSDUctaOV2Y=</ds:DigestValue>

                </ds:Reference>

            </ds:SignedInfo>

            <ds:SignatureValue>n6sCkaeuCKF6YutpP8OU089B0EtRaD+px/xENbNHAk2oOvprgEE+Cr8kbU5C4RBsmISZ6xjEtKxr7cEyYilVLEjMx1v0PvidMJq8f4qNi5yLwR+9At177DyLZHSafdV2MJmNQ0BpVyz31NlkWLdSxYYd0vVZx4aqiYe18YPdG3ZPmiv6F+8phEUjuYuIbC7zlYBSTFOkOp65NAXJmCaad4ruhg7XrO6PnGKkQ7NAhGfkzyy7eEWLxaCa6GxDrc3+/G8u5xISED6MZHBo+ZWFaLLgv0uBy+LBKfDUHItptQpCX36f7yNI4JyY+PcpbUZlY/C9UX8BurZ67Ksd5KYOuA==</ds:SignatureValue>

            <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">

                <ds:X509Data>

                    <ds:X509Certificate>MIIF8zCCBNugAwIBAgIQXeM8rDOFFRfjMuncfMIZSTANBgkqhkiG9w0BAQsFADCBljELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxPDA6BgNVBAMTM0NPTU9ETyBSU0EgT3JnYW5pemF0aW9uIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTAeFw0xNzAzMjIwMDAwMDBaFw0xOTAzMjIyMzU5NTlaMIHjMQswCQYDVQQGEwJGUjEOMAwGA1UEERMFNzUwMTkxDjAMBgNVBAgTBVBhcmlzMQ4wDAYDVQQHEwVQYXJpczEeMBwGA1UECRMVMTEwIGF2ZW51ZSBkZSBGbGFuZHJlMUQwQgYDVQQKEztDYWlzc2UgTmF0aW9uYWxlIEFzc3VyYW5jZSBWaWVpbGxlc3NlIFRyYXZhaWxsZXVycyBTYWxhcmllczEXMBUGA1UECxMOMDAwMiAxODAwMzUwMzIxDDAKBgNVBAsTA0RTSTEXMBUGA1UEAxMOc2lnbmZzLmNuYXYuZnIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM5s9h8aVTMnZKk1r4l26oDw6WbFECAT3jgreLjjUEIdchz2Av2lbdl/z10YrsIe0O1wrkz6f+nm/4OO63cJrf4CY1v5zoMlt1/xrU5/j+nLAy31BYn+IhxjUYkgQVrTh+YHUNk1sp4ZphjW/lBYAknUd65zbzyWjAydj8gTEKtRv+pAfNqQrHsLifJHcdAICvRkaJNu+pid03FbqyfeJVOFwXr0OZ/bna2DX0HcLB/YM1IgSAyn6CP8c0WUbzCzb1t5TFPb285sCHUBD4KSVPK4OxyjjHrWxtKoLQaMF8juG11UFa2uVzq9OHtYG9mXT/RKiB/2iN895oW3XIlCupAgMBAAGjggHsMIIB6DAfBgNVHSMEGDAWgBSa8yvaz61Pti+7KkhIKhK3G0LBJDAdBgNVHQ4EFgQUzoVp1bMVyD033tEe6LMESnGccp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMFAGA1UdIARJMEcwOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUHAgEWHWh0dHBzOi8vc2VjdXJlLmNvbW9kby5jb20vQ1BTMAgGBmeBDAECAjBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLmNvbW9kb2NhLmNvbS9DT01PRE9SU0FPcmdhbml6YXRpb25WYWxpZGF0aW9uU2VjdXJlU2VydmVyQ0EuY3JsMIGLBggrBgEFBQcBAQR/MH0wVQYIKwYBBQUHMAKGSWh0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9ET1JTQU9yZ2FuaXphdGlvblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcnQwJAYIKwYBBQUHMAGGGGh0dHA6Ly9vY3NwLmNvbW9kb2NhLmNvbTAtBgNVHREEJjAkgg5zaWduZnMuY25hdi5mcoISd3d3LnNpZ25mcy5jbmF2LmZyMA0GCSqGSIb3DQEBCwUAA4IBAQBOnbpEkn7zyvE7a3J68tcl1WyWKUf7/K+VkI3WiF3nRw1mlgud/iFAoZZexdyxaBxLwijzbokxdqEn6GwElDXTOZzrmovrKRZU+Imtq5mhp688tkRU9f5MnPQzUVaVGGwCDGLsb/BUHDd4D9HLwBcifFwOTgD0tn5Er2YHKqw3ZFEOr3Z4aXhnY5bHNHPI/qF7HPjF9ejrhWyluAblRaVDI9TRqBiIBkykQxwRhDuWOcm9+mFnA+qoUR8SBttjG+I+/JwhfT2H17at2zNOgcj1pB26ZLHqAwq6IDN1YMtV0NrcALptH4X8ErIPBT6bGj5+fis0BygIjNF5S9sPB6LB</ds:X509Certificate>

                </ds:X509Data>

            </KeyInfo>

        </ds:Signature>

        <samlp:Status>

            <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder" />

        </samlp:Status>

    </samlp:Response>

    Error on ADFS server :

    Additional Data

    Protocol Name:

    Saml

    Relying Party:

    https://url.relaying.party

    Exception details:

    System.FormatException: Index (zero based) must be greater than or equal to zero and less than the size of the argument list.

       at System.Text.StringBuilder.AppendFormatHelper(IFormatProvider provider, String format, ParamsArray args)

       at System.String.FormatHelper(IFormatProvider provider, String format, ParamsArray args)

       at System.String.Format(IFormatProvider provider, String format, Object[] args)

       at Microsoft.IdentityServer.SR.GetString(String name, Object[] args)

       at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolManager.ValidateSignatureRequirements(SamlMessage samlMessage)

       at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolManager.Issue(HttpSamlRequestMessage httpSamlRequestMessage, SecurityTokenElement onBehalfOf, String sessionState, String relayState, String& newSamlSession, String& samlpAuthenticationProvider, Boolean isUrlTranslationNeeded, WrappedHttpListenerContext context, Boolean isKmsiRequested)

       at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.RequestBearerToken(WrappedHttpListenerContext context, HttpSamlRequestMessage httpSamlRequest, SecurityTokenElement onBehalfOf, String relyingPartyIdentifier, Boolean isKmsiRequested, Boolean isApplicationProxyTokenRequired, String& samlpSessionState, String& samlpAuthenticationProvider)

       at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.BuildSignInResponseCoreWithSerializedToken(HttpSamlRequestMessage httpSamlRequest, WrappedHttpListenerContext context, String relyingPartyIdentifier, SecurityTokenElement signOnTokenElement, Boolean isKmsiRequested, Boolean isApplicationProxyTokenRequired)

       at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.BuildSignInResponseCoreWithSecurityToken(SamlSignInContext context, SecurityToken securityToken, SecurityToken deviceSecurityToken)

       at Microsoft.IdentityServer.Web.Protocols.Saml.SamlProtocolHandler.Process(ProtocolContext context)

       at Microsoft.IdentityServer.Web.PassiveProtocolListener.ProcessProtocolRequest(ProtocolContext protocolContext, PassiveProtocolHandler protocolHandler)

       at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)



    • Edited by 8646 Friday, November 30, 2018 10:04 AM
    Friday, November 30, 2018 10:04 AM