Unable to run demo: Your session has been disconnected, please logon again

Choon Pien Hiu

Dear all,

I have been trying to run the demos, in order to find out how oiosaml.net works, so that I can adpat it to our project requirements. Both the IDP and SP are running on IIS 8.5 in my windows 8.1 computer. I have make them using .net 2.0 instead of the usual .net 4.5 set in default in IIS 8.5.

However, no matter how I followed the instructions in the documentation provided, I met with this execption:

Error!dk.nita.saml20.Saml20Exception: Your session has been disconnected, please logon again at dk.nita.saml20.protocol.Saml20SignonHandler.CheckReplayAttack(HttpContext context, String inResponseTo) in c:\Users\choonpien\Documents\oiosaml_net_1.7.12\dk.nita.saml20\src\dk.nita.saml20\dk.nita.saml20\Protocol\Saml20SignonHandler.cs:line 342 at dk.nita.saml20.protocol.Saml20SignonHandler.HandleResponse(HttpContext context) in c:\Users\choonpien\Documents\oiosaml_net_1.7.12\dk.nita.saml20\src\dk.nita.saml20\dk.nita.saml20\Protocol\Saml20SignonHandler.cs:line 281

I have searched the forum and found: https://digitaliser.dk/forum/2727777I do not know if the error are similar or it is of other types of problem. By the way, I do know what it means of "So no switch between http and https on a sign -in." and how should I configure this.Thanks for your attention and I have also attached my configuration files for your reference.


C.P. Hiu

ændret af Choon Pien Hiu (28.04.2015)


The server URL must be the site URL (https://choonpienpc) and not https://localhost. 

Changing the server URL and updating the host file should fix the problem.

Also, by convention the SP id should be https://saml.choonpienpc and not https://choonpienpc

Best regards

Kasper Møller

Hi Kasper,

Thank you for reply. I followed your instructions and have made the necessary changes. However, I have encountered another error, as descripted below:


The signature of the incoming message is invalid.

As the information is insufficient I looked at my logs. There is a statement:

INFO 2015-04-29 17:56:04-Session id: d84ba41b-7836-4fa0-a9ef-4076912d0abd, Direction: IN, Operation: AUTHNREQUEST_POST, User IP: fe80::94b1:dc49:32e0:984b%3, Idp ID: https://choonpienpc/IdentityProviderDemo/, Assertion ID: , Message: Invalid signature, assertion: System.Xml.XmlElement, Data:

Can anyone help me with this issue? I have already registered my certificates at the very first steps in the oiosaml.net documentation. I have attached my web.config files and the log files generated.


C.P. Hiu

ændret af Choon Pien Hiu (29.04.2015)

I visit a very surprising site  to delete password windows 10. I don't know such a site where this type of work happen. Really a wonderful site.Now I realise I become a perfect user of window 10.