simpleSAMLphp: Unable to find the current binding

Question

I am the SP, I can not loggedin into the SP using IDP of my client, I got below error:

SimpleSAML_Error_Error: ACSPARAMS

Backtrace:
1 modules/saml/www/sp/saml2-acs.php:21 (require)
0 www/module.php:135 (N/A)
Caused by: Exception: Unable to find the current binding.
Backtrace:
2 vendor/simplesamlphp/saml2/src/SAML2/Binding.php:99 (SAML2\Binding::getCurrentBinding)
1 modules/saml/www/sp/saml2-acs.php:16 (require)
0 www/module.php:135 (N/A)

My Configuration for authsource.php is like below:

'abc-live-sp' => array(
        'saml:SP',
         'privatekey' => 'saml.pem',
         'certificate' => 'saml.crt',
         'entityID' => null,
         'idp' => 'https://federation-a.parnassiagroep.nl/superbrains',
         'discoURL' => null,
         'NameIDPolicy' => false,

    ),

Is there anything i am missing?

help will be appreciated.

The exception trace is as below.

Answer 1

In config.php, allow HTTP POST requests. This worked for me.

'enable.http_post' => true

In addition, I restricted ACS URL binding to HTTP-POST. This may not be necessary. 'acs.Bindings' => array( 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST').

I still don't know why the ACS URL and other URLs in the metadata are coming as HTTP links, All the links in the config files are HTTPS.

Answer 2

Did you setup the Identity Provider in your "metadata/saml20-idp-remote.php" file?
It's been a while since I used simplesamlphp but I'm pretty sure you would need to have the Identity Provider (IdP) administrator add you as an "accepted" Service Provider (SP). This is done by sharing your metadata with them.

There is a very handy guide by UNINETT, the creators of simplesamlphp here: https://simplesamlphp.org/docs/stable/simplesamlphp-sp

Someone also had a similar issue: Simplesamlphp unhandled exception error while using as SP