When troubleshooting issues with SAML2 it can be useful to enable logging against the Componentspace SAML component.

Before beginning, note that editing the web.config files will cause the application to restart, disconnecting any users, so this should be set up when no users are accessing the system.

To configure:

• Create a folder called logs within the application folder, i.e. for the desktop application the path is SamlMvc\logs, for the WebUI it is WebUI\logs
• Ensure that the logs folder(s) can be written to by the application's application pool user
• Within the <configuration> section of the web.config file (for either or both the SamlMvc and WebUI, depending on which you're troubleshooting), add the following XML (note that the block should go above the </configuration> tag): 

 <system.diagnostics>
    <trace autoflush="true">
      <listeners>
         <add name="CyclicTextWriter"/>
      </listeners>
    </trace>
    <sources>
      <source name="ComponentSpace.SAML2" switchValue="Verbose">
        <listeners>
          <add name="CyclicTextWriter"/>
        </listeners>
      </source>
    </sources>
    <sharedListeners>
      <!-- Ensure IIS has create/write file permissions for the log folder. -->
      <add 
        name="CyclicTextWriter" 
        type="ComponentSpace.SAML2.Utility.CyclicTraceListener,ComponentSpace.SAML2" 
        initializeData="logs"/>
    </sharedListeners>
</system.diagnostics>

• Save
• After completing the edits, restart the application pools for the applications

After completing these steps, when attempting to log in a log file will be created at SamlMVC\logs or WebUI\logs.

The two attached log files show successful login sessions.

Reference

https://www.componentspace.com/Forums/17/Enabing-SAML-Trace