Error While Generating SP metadata in .NET environment
Problem
When trying to generate SP metadata, the Generate command failed with the exception below (.NET and Ubisecure.SAML2.ServiceProvider 1.4.1.50098 (50098)):
C:\ProgramData\Ubisecure\Ubisecure.SAML2.ServiceProvider>"C:\Program Files (x86)\Ubisecure\Ubisecure
.SAML2.ServiceProvider\bin\saml2.exe" Generate https://apps.xyz.com/DashboardTest/spsso.ashx
-o Test
Unhandled Exception: System.Security.SecurityException: Request failed.
at Ubisecure.SAML2.Tools.Generate.Main(String[] args)
at Ubisecure.SAML2.Tools.Program.Main(String[] args)
The action that failed was:
LinkDemand
The type of the first permission that failed was:
System.Security.PermissionSet
The demand was for:
<PermissionSet class="System.Security.PermissionSet"
version="1"
Unrestricted="true"/>
The granted set of the failing assembly was:
<PermissionSet class="System.Security.PermissionSet"
version="1">
<IPermission class="System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture
=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Unrestricted="true"/>
<IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Cultu
re=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Flags="Assertion, UnmanagedCode, Execution"/>
<IPermission class="System.Security.Permissions.KeyContainerPermission, mscorlib, Version=2.0.0.0, C
ulture=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Unrestricted="true"/>
</PermissionSet>
The refused set of the failing assembly was:
<PermissionSet class="System.Security.PermissionSet"
version="1">
<IPermission class="System.Security.Permissions.SecurityPermission, mscorlib, Version=2.0.0.0, Cultu
re=neutral, PublicKeyToken=b77a5c561934e089"
version="1"
Flags="NoFlags"/>
<IPermission class="System.Web.AspNetHostingPermission, System, Version=2.0.0.0, Culture=neutral, Pu
blicKeyToken=b77a5c561934e089"
version="1"
Level="None"/>
<IPermission class="System.Net.WebPermission, System, Version=2.0.0.0, Culture=neutral, PublicKeyTok
en=b77a5c561934e089"
version="1"/>
</PermissionSet>
Solution
This is a known issue in the latest couple of .NET SAML SP versions.
The SecurityException error when running saml2.exe occurs if .NET runtime 2.0 is installed on the host Windows server.
The workaround is to create a saml2.exe.config file in the same folder as saml2.exe to override which runtime version saml2.exe uses.
saml2.exe.config contents:
<?xml version="1.0"?>
<configuration>
  <startup>
    <supportedRuntime version="v4.0"/>
  </startup>
</configuration>