ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationException

I am working on an Active Directory Federation Services (ADFS) Proof of
Concept and trying some sample code to show identity information.

I am using VS 2005 running on Windows Server 2003 R2 with IIS 6.0.

The ADFS Web Agent for Claims Aware applications is installed. The ADFS Web
Agent for NT Token based application is not installed.

When I add the following section from the ADFS Step by Step document to my
web.config, an execption is thrown.

<httpModules>
<add
name="Identity Federation Services Application Authentication
Module"

type="System.Web.Security.SingleSignOn.WebSsoAuthenticationModule,
System.Web.Security.SingleSignOn, Version=1.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35, Custom=null" />
</httpModules>

I have tried running the web site under the three built in identities
provide with IIS 6.0, but it makes no difference. I don't want to run the
under a different identity, but its just a suggestion from the error message
text.

Has anyone seen this before? -Thanks

Error message below:

[WebSsoConfigurationException: The ADFS auditing subsystem could not
register itself with the system.
The auditing privilege is not held.


The ADFS component will not be able to start unless it is granted
the auditing privilege.


User Action

ADFS components that write audits must be configured to run as
LocalSystem, NetworkService, or a domain principal that has explicitly
been granted the "Generate Security Audits" privilege (SeAuditPrivilege).


If the failing component is the Federation Service, configure the
application pool (ADFSAppPool) to run as an appropriate principal.


If the failing component is the ADFS Web Agent Authentication Service,
configure the Windows NT service to run as an appropriate principal.


If the failing component is the ADFS Web Agent for claims-aware
applications, configure the application pool for the protected application
to run as an appropriate principal.
]
System.Web.Security.SingleSignOn.NativeMethods.RegisterAuditSource(String
sourceName) +167
System.Web.Security.SingleSignOn.ADFSAuditProvider..ctor(String
sourceName) +38
System.Web.Security.SingleSignOn.WebSsoAuthenticationModule..cctor() +40

[TypeInitializationException: The type initializer for
'System.Web.Security.SingleSignOn.WebSsoAuthenticationModule' threw an
exception.]

[TargetInvocationException: Exception has been thrown by the target of an
invocation.]
System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean
publicOnly, Boolean noCheck, Boolean& canBeCached, RuntimeMethodHandle& ctor,
Boolean& bNeedSecurityCheck) +0
System.RuntimeType.CreateInstanceSlow(Boolean publicOnly, Boolean
fillCache) +103
System.RuntimeType.CreateInstanceImpl(Boolean publicOnly, Boolean
skipVisibilityChecks, Boolean fillCache) +261
System.Activator.CreateInstance(Type type, Boolean nonPublic) +66
System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder
binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
+1036
System.Activator.CreateInstance(Type type, BindingFlags bindingAttr,
Binder binder, Object[] args, CultureInfo culture, Object[]
activationAttributes) +114
System.Activator.CreateInstance(Type type, BindingFlags bindingAttr,
Binder binder, Object[] args, CultureInfo culture) +23
System.Web.HttpRuntime.CreateNonPublicInstance(Type type, Object[] args)
+37
System.Web.HttpRuntime.CreateNonPublicInstance(Type type) +27
System.Web.Configuration.ModulesEntry.Create() +25
System.Web.Configuration.HttpModulesSection.CreateModules() +208
System.Web.HttpApplication.InitModules() +66
System.Web.HttpApplication.InitInternal(HttpContext context,
HttpApplicationState state, MethodInfo[] handlers) +1171

System.Web.HttpApplicationFactory.GetNormalApplicationInstance(HttpContext
context) +301
System.Web.HttpApplicationFactory.GetApplicationInstance(HttpContext
context) +131
System.Web.HttpRuntime.ProcessRequestInternal(HttpWorkerRequest wr) +212
.

Relevant Pages

  • Re: ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationExcep
    ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... The ADFS Web Agent for Claims Aware applications is installed. ... If the failing component is the ADFS Web Agent Authentication Service, ... System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean ...
    (microsoft.public.windows.server.active_directory)
  • Re: ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationExcep
    ... The ADFS Web Agent for Claims Aware applications is installed. ... If the failing component is the ADFS Web Agent Authentication Service, ... System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean ... System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder ...
    (microsoft.public.windows.server.active_directory)
  • Re: ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationExcep
    ... Assuming that ADFS is installed on the machine you are ... Joe Kaplan-MS MVP Directory Services Programming ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... System.RuntimeTypeHandle.CreateInstance(RuntimeType type, Boolean ...
    (microsoft.public.windows.server.active_directory)
  • Re: ADFS Step-by-step scenario : my config doesnt work :(
    ... Are you trying to set up a trust using a forest trust or are you using ADFS ... exchanged because my DCs haven't received any request from adfsweb. ... access to the "ADFS Web Agent" tab. ...
    (microsoft.public.windows.server.active_directory)
  • ADFS install
    ... In the step by step ADFS install guide on page 20, ... Directory Federation Services (ADFS), and then click Details. ...
    (microsoft.public.windows.server.setup)