I'm trying to get the sample MVC application from Kentor AuthServices deployed to Azure and using Okta as the IDP. I've jumped a few hurdles but have stumbled on the CryptographicException "The data protection operation was unsuccessful". I'm unsure how to resolve it.
When this occurs the URL in the browser is https://mysite.azurewebsites.net/AuthServices/Acs
Any assistance is appreciated, thanks.
Below is the kentor section of my web.config. I don't have an identity server so removed all the federation config..
<kentor.authServices entityId="https://mysite.azurewebsites.net/AuthServices"
returnUrl="https://mysite.azurewebsites.net/"
authenticateRequestSigningBehavior="Never">
<identityProviders>
<add entityId="http://www.okta.com/1111111"
allowUnsolicitedAuthnResponse="true" binding="HttpRedirect"
metadataLocation="https://dev-11111.oktapreview.com/app/1111111/sso/saml/metadata"
loadMetadata="true">
<signingCertificate fileName="~/App_Data/okta.cert" />
</add>
</identityProviders>
Let me know if I can provide any further info to assist you in assisting me!
It was actually an Azure issue as Anders points out. The fix was to add the following to web.config:
<system.identityModel>
<identityConfiguration>
<securityTokenHandlers>
<add type="System.IdentityModel.Services.Tokens.MachineKeySessionSecurityTokenHandler, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<remove type="System.IdentityModel.Tokens.SessionSecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</securityTokenHandlers>
</identityConfiguration>
</system.identityModel>
Looks like a bug in Kentor.AuthServices. I've recently done some rewriting which makes use of data protection API so something might be wrong there. Please file an issue at the github site and include the stack trace of the exception as well as information on what API module you are using (MVC, HttpModule or OWIN).
Related
Ok, there already is a similar issue. It is, however not exactly the same and the solution I got was not derived from the other issue's solution.
Here's my Web.Config setup:
<connectionStrings>
<add name="ADOEntities" connectionString="metadata=res://*/ADOModel.csdl|res://*/ADOModel.ssdl|res://*/ADOModel.msl;provider=Devart.Data.Oracle;provider connection string="User Id=dbUser;Password=*****;Server=oracleserver;Persist Security Info=True"" providerName="System.Data.EntityClient" />
</connectionStrings>
Everything runs fine on my machine (sic), but when I tried to set the ws up on the quality server, I got the error on the title.
I got it working by following the steps in this ADO.NET link. Particularly,
You need to remove the defaultConnectionFactory registration and to add the Entity Framework provider registration by registering it in the entityFramework section
So the line defaultConnectionFactory must go
<entityFramework>
<providers>
<provider invariantName="Devart.Data.Oracle" type="Devart.Data.Oracle.Entity.OracleEntityProviderServices, Devart.Data.Oracle.Entity.EF6, Version=9.6.696.0, Culture=neutral, PublicKeyToken=09af7300eec23701" />
</providers>
</entityFramework>
Then, add the System.Data section. In my case it looks like this:
<system.data>
<DbProviderFactories>
<remove invariant="Devart.Data.Oracle" />
<add name="dotConnect for Oracle" invariant="Devart.Data.Oracle" description="Devart dotConnect for Oracle" type="Devart.Data.Oracle.OracleProviderFactory, Devart.Data.Oracle, Version=9.6.696.0, Culture=neutral, PublicKeyToken=09af7300eec23701" />
</DbProviderFactories>
</system.data>
If that still doesn't do the trick for you -- And it didn't for me -- try adding the following line to your context class:
[DbConfigurationType(typeof(Devart.Data.Oracle.Entity.OracleEntityProviderServicesConfiguration))] //Add this line
public partial class ADOEntities : DbContext
You might want to create a partial class, incase you're using ADO, Devart, or other auto-generated entity model, to avoid having this piece of code in an auto-generated class
I have been toiling with an issue with mysql connector on and off for the past 3 months using a workaround. I even filed a bug report recently. However, I have found multiple instances of mysql connector failing in situations of advanced linq use. Some dating back to 2009 ( 3 years ) and still unresolved. In almost every instance, the user switched connectors.
I am considering doing the same. However, I came across looking at where mysql connector exists inside of my project. From what I can tell, it is only an included .dll (mysql.data and mysql.data.entity). After that, it is referenced only in web.config.
The first reference to the connector is in the connection string, providerName = "MySql.Data.MySqlClient".
The second reference is the definition of the provider
<system.data>
<DbProviderFactories>
<clear />
<add name="MySQL Data Provider" invariant="MySql.Data.MySqlClient"
description=".Net Framework Data Provider for MySQL"
type="MySql.Data.MySqlClient.MySqlClientFactory, mysql.data, Version=6.5.4.0,
Culture=neutral, PublicKeyToken=c5687fc88969c44d" />
</DbProviderFactories>
</system.data>
The third is inside of the assemblies
<add assembly="mysql.data, Version=6.5.4.0, Culture=neutral, PublicKeyToken=c5687fc88969c44d" />
And the last is another assembly reference
<dependentAssembly>
<assemblyIdentity name="MySql.Data" publicKeyToken="c5687fc88969c44d" culture="neutral" />
<bindingRedirect oldVersion="0.0.0.0-6.5.4.0" newVersion="6.5.4.0" />
</dependentAssembly>
Is this really the whole footprint of the connector?
Is this really the whole footprint of the connector?
Yes and no.
Yes
As far as the project which references the connector is concerned, this is the whole footprint. The only configuration that needs to be made is to have MySql.Data and MySql.Data.Entity added as references to the project. Usually these are inside of the packages folder, and are then copied into the bin folder once a reference has been added.
No
The connector has a lot of internal code going on. Because of where it is defined, the connector inherits from and extends on the DbProviderFactory. This extension involves many classes and sub classes which determine how the interaction to mysql is enacted. Because it is open source, the actual code can be downloaded from oracle.
I have a problem deploying a MVC3 project IIS server, the project runs well in my local machine, but not in the server the errors say's this
Parser Error Message: The supplied credential is invalid.
This is the line of configuration of my merbership Provider
<add name="MembershipADProvider" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" applicationName="AtentoCNEHoraExtra" connectionStringName="ADConnectionString" attributeMapUsername="sAMAccountName" />
What could be wrong???
I found the solution to my problem, I have to modify the identity of the process model associated with the pool .NET 4 in the configuration on my IIS
The value that has by default was ApplicationPoolIdentity and I have to changed to NetworkService
This configuration can be made in ISS --> Application Pool ----> .Net 4---> Advanced Settings --> Process Model
I hope that helps to others
I'm troubleshooting a WCF problem in our application, and turned on WCF tracing with the WCF Service Configuration Editor in VS 2010, which added the following sharedListener to the web.config:
<sharedListeners>
<add initializeData="D:\Logs\CRCCustomerService\Web_tracelog.svclog"
type="System.Diagnostics.XmlWriterTraceListener, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"
name="ServiceModelTraceListener" traceOutputOptions="Timestamp">
<filter type="" />
</add>
</sharedListeners>
Now, when I take steps to reproduce my error, I'm getting an exception thrown from the System.Diagostics library saying that it can't find XmlWriterTraceListener:
Stack Trace:
System.TypeInitializationException: The type initializer for 'System.ServiceModel.DiagnosticUtility' threw an exception. ---> System.Configuration.ConfigurationErrorsException: Couldn't find type for class System.Diagnostics.XmlWriterTraceListener, System, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089.
at System.Diagnostics.TraceUtils.GetRuntimeObject(String className, Type baseType, String initializeData)
at System.Diagnostics.TypedElement.BaseGetRuntimeObject()
at System.Diagnostics.ListenerElement.GetRuntimeObject()
at System.Diagnostics.ListenerElement.GetRuntimeObject()
at System.Diagnostics.ListenerElementsCollection.GetRuntimeObject()
at System.Diagnostics.TraceSource.Initialize()
at System.Diagnostics.TraceSource.get_Listeners()
And it goes on for several more lines, but this establishes the context.
My question is, since, according to ObjectBrowser and Reflector, XmlWriterTraceListener is a member class of the same assembly that System.Diagnostics is, how can it NOT not be able to find it?
And secondly, since every single line in the exception stack comes from system code, how on earth do I begin to debug the root cause here?
Are you using .NET 4.0?
If not, you have to beware the service config utility. It will hard code the version of the listener to 4.0 and you'll need to manually change your web.config
where can i find SharedCache with fluent nhibernate getting started guid
There is very little documentation I've found for getting SharedCache working with NHibernate, let alone doing it fluently. However, it's not a hard process:
You need to tell NHibernate you're using SharedCache as a cache provider. Another Stack Overflow answer gives a sample implementation for Fluent NHibernate. The key bit is the Cache function, except here you will want to use NHibernate.Caches.SharedCache.SharedCacheProvider instead of NHibernate.Cache.HashtableCacheProvider.
As an aside, to configure it non fluently you use something like this in your configuration:
<add key="hibernate.cache.provider_class" value="NHibernate.Caches.SharedCache.SharedCacheProvider, NHibernate.Caches.SharedCache" />
Or, if you're configuring via Spring.NET with the rest of your NHibernate configuration entries:
<entry key="cache.provider_class" value="NHibernate.Caches.SharedCache.SharedCacheProvider, NHibernate.Caches.SharedCache" />
You will then need to add web.config / app.config entries for the cache as you would when using SharedCache without NHibernate, for example:
<configSections>
<section name="indexusNetSharedCache" type="MergeSystem.Indexus.WinServiceCommon.Configuration.Client.IndexusProviderSection, MergeSystem.Indexus.WinServiceCommon" />
</configSections>
<indexusNetSharedCache defaultProvider="IndexusSharedCacheProvider">
<servers>
<add key="myServer1" ipaddress="127.0.0.1" port="48888"/>
</servers>
<providers>
<add name="IndexusSharedCacheProvider" type="MergeSystem.Indexus.WinServiceCommon.Provider.Cache.IndexusSharedCacheProvider, MergeSystem.Indexus.WinServiceCommon" />
</providers>
</indexusNetSharedCache>
You can find plenty more information about configuring a SharedCache client on their website, although be sure to configure each server too.
Hope this helps - I haven't been able to fully test this, so I may've made a mistake somewhere.