I really like Firefox Developer Edition but in the past I have found multiple issues when just trying to get it going which have often required administrator intervention at other places I've worked. The latest issue I'm running into is that when trying to log into some web application I'm debugging (named XXX.YYY) at a new client site, I get the following server error. I don't get this when I use Internet Explorer as my browser. What can I do to correct it?
Server Error in '/XXX.YYY' Application. ID3204:
WS-Federation SignIn request must specify a 'wtrealm' or 'wreply'
parameter. Description: An unhandled exception occurred during the
execution of the current web request. Please review the stack trace
for more information about the error and where it originated in the
code.
Exception Details:
Microsoft.IdentityModel.Protocols.WSFederation.WSFederationMessageException:
ID3204: WS-Federation SignIn request must specify a 'wtrealm' or
'wreply' parameter.
Source Error:
An unhandled exception was generated during the execution of the
current web request. Information regarding the origin and location of
the exception can be identified using the exception stack trace below.
Stack Trace:
[WSFederationMessageException: ID3204: WS-Federation SignIn request
must specify a 'wtrealm' or 'wreply' parameter.]
Microsoft.IdentityModel.Protocols.WSFederation.SignInRequestMessage..ctor(Uri
baseUrl, String realm, String reply) +271
Microsoft.IdentityModel.Protocols.WSFederation.WSFederationMessage.CreateFromNameValueCollection(Uri
baseUrl, NameValueCollection collection) +753
Microsoft.IdentityModel.Protocols.WSFederation.WSFederationMessage.TryCreateFromUri(Uri
requestUri, WSFederationMessage& fedMsg) +57
Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.GetSignOutCleanupMessage(HttpRequest
request) +34
Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.CanReadSignInResponse(HttpRequest
request, Boolean onPage) +188
Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.OnAuthenticateRequest(Object
sender, EventArgs args) +85
System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
+142 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +92
Version Information: Microsoft .NET Framework Version:4.0.30319;
ASP.NET Version:4.6.1590.0
I found a solution! It turns out the issue was that Firefox Developer Edition by default will not authenticate with the Windows NT LAN Manager (NTLM) protocol the way IE does out of the box. So, you have to configure it to do so:
Open Firefox Developer Edition and type in about:config in the address bar. You will be
prompted with a warning. Click the "I accept the risk!" button.
Use the ‘Search’ field at the top of the browser just below the address bar to find the network.automatic-ntlm-auth.trusted-uris configuration parameter.
Double-click the name of the configuration parameter, or right-click it and select Modify.
Enter the URLs of the sites you're having trouble authenticating to. Use the format:
https://localhost
There is no need to specify a port number nor a path to any particular page because authentication works on a site by site basis. You can list more than one site by comma-delimiting them. Now, my XXX.YYY web app which I was trying to debug locally runs and authenticates just fine!
Related
I have a webapi service in/under DNN V7 (IIS/10 on Win10 Dev box).
It works fine but i have one scenario i wanted check the response i get with expected basic auth responses since i don't seem to be able to find this answer elsewhere.
Controller method is marked with these attributes (which validates using basic auth)
<HttpGet>
<DnnAuthorize(StaticRoles:="TestRole")>
Providing valid user credentials in basic auth header for a user with this role returns
200 ok. all good so far.
Not providing basic auth header at all, returns 401 not authorised, all good and expected.
however, providing basic auth header with say a wrong password or username, returns 500 internal server error.
So is a 500 error correct if the user/pass IS provided BUT wrong?
In my head i should be getting 401 not authorised as it has credentials to validate, they were just incorrect. So i wouldn't expect it to blow up with an exception, just return not authorised?
the call stack isn't very revealing
[NullReferenceException: Object reference not set to an instance of an object.]
System.Web.Http.WebHost.HttpControllerHandler.EndProcessRequest(IAsyncResult result) +113
System.Web.Http.WebHost.HttpControllerHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result) +10
System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +9836613
System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step) +50
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +163
Does basic auth (or DotNetNuke's implementation of the of the DnnAuthorize attribute) return a 500 error intentionally for security purposes? Did i get a setting or config the api controller wrong? basically what am i missing here?
A 500 status code implies that the server messed up and expects the client to retry, as such it is never related to security, and clearly indicates a problem somewhere.
There are two possible sources of issues:
Configuration of some other middleware in your application.
Validation of username/pass is incorrect, and it is actually passing, but then failing at a later point in your code.
DNN's SDK source has a bug in it.
The reason this is a 500 is because your application isn't handling the failure that is being thrown. It is being caused by one of the two sources (or both above) but as a result your application throws the default 500. It's possible to catch this problem and throw a 401 instead, but it is likely better to tracedown the problem.
First step would be to validate that your code in the step actually isn't being executed. It's possible something there is being executed when you expect it to not be (like userId is NULL instead of the right value), and the problem is really somewhere else.
Also, given that V7 is not the latest version, and from searching around there are other SO instances of DNN having issues before V9, I would suggest validating the problem on a later version. And then if it is still an issue posting it on the relevant github issues.
JSON File
{"web":{"auth_uri":"https://accounts.google.com/o/oauth2/auth",
"client_secret":"c-kaafSexciO7It3QcKxx3BO",
"token_uri":"https://accounts.google.com/o/oauth2/token",
"client_email":"xxx678964-tjkl572knihtgocll9tnadvsdngmnld6#developer.gserviceaccount.com",
**"redirect_uris":["http://www.alfrosia.com"]**,
"client_x509_cert_url":"https://www.googleapis.com/robot/v1/metadata/x509/798911678964-tjkl572knihtgocll9tnadvsdngmnld6#developer.gserviceaccount.com",
"client_id":"xxx1678964-tjkl572knihtgocll9tnadvsdngmnld6.apps.googleusercontent.com",
"auth_provider_x509_cert_url":"https://www.googleapis.com/oauth2/v1/certs",
"javascript_origins":["[http://www.alfrosia.com][1]"]}}
I am specifying proper redirect url in the json file above, but during authentication it is giving wrong url message on browser. While I have given, this as Redirect Uri in json file.
In the error message it says that
redirect_uri=http://localhost:57826/authorize/
is uri_mismatch while I have not specified it in json
But Google OAuth2 authorization Failed ,this error message occurs during authentication process
- Error: redirect_uri_mismatch.
Request Details
scope=https:[//www.googleapis.com/auth/youtube.readonly][3]
response_type=code
redirect_uri=http://localhost:57826/authorize/
access_type=offline
pageId=none
client_id=xxxxx964-tjkl572knihtgocll9tnadvsdngmnld6.apps.googleuserconten
redirect_uri must exactly match what you have set in the Google Developer console. My guess is that your code / client library / IDE is automatically setting the redirect URI based upon the url you are browsing from.
Visual studio for example has a habit of randomly changing the port.
Option 1:
Fix your redirect uri in the Google developer console to
http://localhost:57826/authorize/
option 2:
assuming you are using visual studio fix the project settings so it stops adding a random port.
option 3:
assuming you are using java or visual studio IDE that may be adding this random port. Create a Client ID for native application instead of a Client ID for web application and use that for testing on local host. Do not release Client ID for native application to your live webserver.
"localhost" is not working in Google developer console.
Try 127.0.0.1 as redirect URI and don't use symbols in the URI.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Today I installed the Microsoft Dynamics CRM on my Windows Server 2008 r2.
Everything was fine, but now I can't find the Link to my Hompage.
Can somebody of you tell me the default URL from the Microsoft Dynamics CRM? I just installed the 90 day free Trial version of it.
When I type in my browser: http://localhost/ then I get the Error:
HTTP Error 401.2 - Unauthorized
You are not authorized to view this page due to invalid authentication headers.
and here are some Informations about my Server:
Detailed Error Information
Module IIS Web Core
Notification AuthenticateRequest
Handler StaticFile
Error Code 0x80070005
Requested URL `http://localhost:80/`
Physical Path C:\inetpub\wwwroot
Logon Method Not yet determined
Logon User Not yet determined
How can I fix that?
If it would be fine, I think, I could enter the URL in my webbrowser and the typical page from the CRM comes?
I use Internet Explorer. And I already have the Administrator rights on my Server.
EDIT: Ok, the Problem with Localhost changed. When I type in Localhost now, i came to the IIS website. But that doesn't helped me a lot. So, what I've done was: I added the Windows authentication to the Server Role from the IIS Server. I found it in the Security part.
But the problem with the URL from CRM is already here.
EDIT EDIT: I found out, that I have the Port 5555 for the CRM. So, when I write in the Internet Explorer: http://localhost:5555/ then appears a very long and complex Error.
Server Error in '/' Application.
--------------------------------------------------------------------------------
Caller does not have enough privilege to set CallerOriginToken to the specified value.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: Microsoft.Crm.CrmException: Caller does not have enough privilege to set CallerOriginToken to the specified value.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[CrmException: Caller does not have enough privilege to set CallerOriginToken to the specified value.]
Microsoft.Crm.Extensibility.ExternalMessageDispatcher.VerifyCallerOrigin(ExecutionContext context) +260
Microsoft.Crm.Extensibility.ExternalMessageDispatcher.Execute(String messageName, Int32 primaryObjectTypeCode, Int32 secondaryObjectTypeCode, PropertyBag fields, CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId) +724
Microsoft.Crm.Sdk.RequestBase.Process(Int32 primaryObjectTypeCode, Int32 secondaryObjectTypeCode, CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId) +149
Microsoft.Crm.Sdk.RequestBase.Process(CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId) +183
Microsoft.Crm.Sdk.CrmServiceInternal.Execute(RequestBase request, CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId) +465
Microsoft.Crm.Sdk.InProcessCrmService.Execute(Object request) +2688
Microsoft.Crm.Application.Platform.ServiceCommands.PlatformCommand.ExecuteInternal() +368
Microsoft.Crm.Application.Platform.DataSource.RetrieveAvailableLanguages() +40
Microsoft.Crm.Application.Utility.ApplicationLanguage.get_AvailableLanguages() +220
Microsoft.Crm.Application.Controls.AppUIPage.get_AvailableLanguages() +9
Microsoft.Crm.Application.Controls.AnonymousPage.OnInit(EventArgs e) +25
Microsoft.Crm.Application.Web.Pages.ErrorHandlerPage.OnInit(EventArgs e) +211
System.Web.UI.Control.InitRecursive(Control namingContainer) +143
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1477
--------------------------------------------------------------------------------
Version Information: Microsoft .NET Framework Version:2.0.50727.5466; ASP.NET Version:2.0.50727.5456
EDIT: Now it works finaly. The Problem was, that my Account wasn't in the Privacy User Group. I found it on this very helpful blog:
Link 1
Link 2
Link 3
Sorry, I can't post more than 1 link. So I had to do it in Code. Hope this helps somebody who has the same problem.
The url is nice, check if you have another application in port 80. Try set windows authentication in iis, see this. Verify also the access to AD.
You'd probably want to register the CRM server on a different port (we use 5555 for instance), especially if it's for development and not not to be exposed to a customer.
And to answer your question. The address is as follows. Suppose that you've registered two organizations: monkey and donkey.
http://localhost:5555/monkey
http://localhost:5555/donkey
And the discovery etc. services are as follows (for monkey on default port).
http://localhost:80/XRMServices/2011/Discovery.svc
http://localhost:80/CRM-Konsulterna/XRMServices/2011/Organization.svc
http://localhost:80/CRM-Konsulterna/XRMServices/2011/OrganizationData.svc
You need to keep in mind two things (which you probably know of already).
1. Port 80 doesn't need to be specified explicitly, nor does the protocol.
2. Localhost will only work if you're in fact on the server (otherwise, specify the IP).
I'm working with WebClient for some time now. (using the Mango SDK)
Each time I have an error, the error message is always "Not Found". Either the error is due to login problem, server or page not found. Any error code >= 400 cause the same Exception with the same message and no data.
I tried to use the WebRequest/WebResponse but it seems the problem is always the same.
I mean, I know how to write it correctly in C# (for desktop), but on windows phone, I have no way to access the error code nor the response body.
I found many posts talking about the problem, but no solutions are pointed.
Does anyone have a solution or a workaround (even a dirty one...) I'm open to any suggestion.
That (very misleading) error is often caused by an underlying HTTP error.
If you are using HTTPS, it could be because it's a self-signed (or otherwise unsupported) certificate. You can temporarily get around this by emailing the certificate to an account on the phone, but this won't fly in the marketplace.
If the requests aren't HTTPS, you can run Fiddler to find out what the underlying error is. (Pro tip: The WP emulator will only the use Fiddler if Fiddler was running when it started up so you may have to close it down).
To access the data, you need to get the WebException (it may be the InnerException of what is being thrown) and then you can access the Response
Just downloaded a 14 day trial of "ANTS Performance Profiler 6.3" to check performance on my web application. Here are my configuration settings after beginning a new session (via the File menu). I'm on Windows 7 and running IIS 7. This web application is using forms authentication. I just logged into the site, and to the page I specified in the "ASP.NET web application (URL)" field. What could cause this error?
I'm taking a wild guess, I need to give the profiler (user) permissions to my web application, yes? If so, what user can I use? Or do I need to change the application pool Identity user to something different?
Download URL:
http://www.red-gate.com/products/dotnet-development/ants-performance-profiler/
Settings:
Error (after clicking "Start Profiling" button):
Well, when I changed the application pool "Identity" user of my web application from ApplicationPoolIdentity to LocalSystem, it worked. I suppose I could have also changed the user in the service (Control Panel > Services > ANTS Performance Profiler 6 Service) to some other user and used that user.
But then I get another error. As Kip says in Napolean Dynamite, "I love technology."
Stack Trace in Details window:
Could not start w3wp as the specified user. Win32 error code: 87
RedGate.Profiler.Engine.Startup.IIS.IISException
stack trace:
at ..StartProfilingIIS(String , String )
at RedGate.Profiler.Engine.Startup.IIS.IISStarter`1.StartProfilingIIS(String currentUserName, String subprocessVariableValue)
at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Int32 methodPtr, Boolean fExecuteInContext, Object[]& outArgs)
at System.Runtime.Remoting.Messaging.StackBuilderSink.SyncProcessMessage(IMessage msg, Int32 methodPtr, Boolean fExecuteInContext)
rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at RedGate.Profiler.Engine.Startup.IIISActuator`1.StartProfilingIIS(String currentUserName, String subprocessVariableValue)
After messing around with the error above for a bit, I tried unchecking this option, and it launched my default browser (which appears to be IE 9). Seems to be working now.