Getting this error when processing one of our customer's SAML requests generated by RSA. May have something to do with NameQualifier. Anyone else run into this WIF error before?
Test method CT.iMagio2.Apps.Web.SignIn.Tests.TokenTests.ValidateTokenFromsAcme_RunsWithoutError threw exception:
System.InvalidOperationException: ID4225: The SamlSubject 'System.IdentityModel.Tokens.SamlSubject' is different than the SamlSubject present inside another SamlStatement of this SamlAssertion.
Result StackTrace:
at System.IdentityModel.Tokens.SamlSecurityTokenHandler.ValidateToken(SecurityToken token)
at ....
Looks like SamlSecurityTokenHandler fails here during ValidateStatements:
    if ((!StringComparer.Ordinal.Equals(subject.Name, name)
         || !StringComparer.Ordinal.Equals(subject.NameFormat, nameFormat))
        || !StringComparer.Ordinal.Equals(subject.NameQualifier, nameQualifier))
    {
        throw DiagnosticUtility.ThrowHelperInvalidOperation(
            System.IdentityModel.SR.GetString("ID4225", new object[] { subject }));
    }
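
An added diagnostic example, not part of the original post and not WIF code: it reads a SAML 1.1 assertion and reports which statement's subject differs in Name, NameFormat or NameQualifier, using the same ordinal comparison as the check quoted above. `SamlSubjectDiff` and `FindMismatches` are hypothetical names, comparing against the first statement's subject is an assumption, and the sample assertion is constructed.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Xml.Linq;

static class SamlSubjectDiff
{
    // SAML 1.1 assertion namespace (the token type SamlSecurityTokenHandler reads).
    static readonly XNamespace Saml = "urn:oasis:names:tc:SAML:1.0:assertion";

    static string Show(string v) => v ?? "(absent)";

    // Lists every field where a statement's subject differs, by ordinal
    // comparison, from the subject of the first statement (assumed baseline).
    public static List<string> FindMismatches(string assertionXml)
    {
        var subjects = XDocument.Parse(assertionXml)
            .Descendants(Saml + "Subject")
            .Select(s => new { Statement = s.Parent?.Name.LocalName,
                               Id = s.Element(Saml + "NameIdentifier") })
            .Select(x => new { x.Statement, Fields = new Dictionary<string, string> {
                { "Name", x.Id?.Value },
                { "NameFormat", (string)x.Id?.Attribute("Format") },
                { "NameQualifier", (string)x.Id?.Attribute("NameQualifier") } } })
            .ToList();

        var result = new List<string>();
        foreach (var s in subjects.Skip(1))
            foreach (var f in subjects[0].Fields)
                if (!StringComparer.Ordinal.Equals(f.Value, s.Fields[f.Key]))
                    result.Add($"{s.Statement}: {f.Key} is '{Show(s.Fields[f.Key])}', " +
                               $"but '{Show(f.Value)}' in {subjects[0].Statement}");
        return result;
    }

    static void Main()
    {
        // Constructed sample, not the customer's assertion: same name and
        // format in both statements, NameQualifier present only in the first.
        const string xml = @"<saml:Assertion xmlns:saml=""urn:oasis:names:tc:SAML:1.0:assertion"">
  <saml:AuthenticationStatement><saml:Subject>
    <saml:NameIdentifier Format=""urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"" NameQualifier=""idp.example"">jdoe</saml:NameIdentifier>
  </saml:Subject></saml:AuthenticationStatement>
  <saml:AttributeStatement><saml:Subject>
    <saml:NameIdentifier Format=""urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"">jdoe</saml:NameIdentifier>
  </saml:Subject></saml:AttributeStatement>
</saml:Assertion>";
        foreach (var line in FindMismatches(xml)) Console.WriteLine(line);
    }
}
```

Because the comparison is ordinal, differences in case or surrounding whitespace in the NameIdentifier value are reported as mismatches as well.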