Re: ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationExcep
- From: Todd Fleenor <ToddFleenor@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 13 Feb 2007 13:00:01 -0800
That sounds like a promising idea.
I would have thought VS would not have tried to use the built in web server
since I installed the software on Windows Server 2003.
The pages in the site are being hosted from within the IIS 6.0 default web
site.
However, perhaps VS 2005 is substituing the built in server anyway when it
tries to debug..(?)
Here is what I tried:
1. Closed the VS project
2. Select File Open Web site
3. Local IIS (instead of file system)
4. Selected the default web site
5. Built the solution
6. Pressed F5
7. Looks promising because I get the warning dialog telling me the self
signed cert I installed as part of the setup process is not reallly valid. I
proceed anyway.
6. The site throws an InvalidOperationException that does not dissappear no
matter how long I wait between tries.
I'll keep trying... :) (and, thanks for the suggestions)
Server Error in '/adfs' Application.
--------------------------------------------------------------------------------
The request has been rejected because it appears to be a duplicate of a
request from this same client browser session within the last 20 seconds.
Description: An unhandled exception occurred during the execution of the
current web request. Please review the stack trace for more information about
the error and where it originated in the code.
Exception Details: System.InvalidOperationException: The request has been
rejected because it appears to be a duplicate of a request from this same
client browser session within the last 20 seconds.
Source Error:
An unhandled exception was generated during the execution of the current web
request. Information regarding the origin and location of the exception can
be identified using the exception stack trace below.
Stack Trace:
[InvalidOperationException: The request has been rejected because it appears
to be a duplicate of a request from this same client browser session within
the last 20 seconds.]
System.Web.Security.SingleSignOn.LSAuthenticationObject.RejectBadMessagesPhase2() +634
System.Web.Security.SingleSignOn.LSAuthenticationObject.EnsureCurrent(HttpContext context) +432
System.Web.Security.SingleSignOn.LSAuthenticationModule.OnEnter(Object o,
EventArgs args) +153
System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +92
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&
completedSynchronously) +64
"Joe Kaplan" wrote:
That's really weird. I haven't actually tried to use VS.NET on a machine.
that actually had ADFS installed and I don't like using the built in web
server in 2005 as it often gives very misleading results due to the security
context it runs under. As such, I don't have any experience with any weird
quirks that one runs into with this type of set up.
It doesn't make any sense at all to me why this would work with your local
IIS but not with built in web server unless ADFS takes some specific
dependency on IIS that I'm unaware of. That is certainly possible though,
so that could be the crux of the issue. If you had a full stack trace of
the error you are getting, I could try to go dig around in the code and see
if I can figure what's up.
I'd suggest running in IIS exclusively and try to set up your dev
environment so that you aren't using the built in web server. :) You can
definitely still debug in this setup (just like you could in 2003 VS), so
that shouldn't be a limiting factor (although you may need to attach to the
process manually to make it work).
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Todd Fleenor" <ToddFleenor@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:B5C62BF4-B4AB-4524-98B1-5E2C779A6DAA@xxxxxxxxxxxxxxxx
As an additional troubleshooting measure, I copied over the default.aspx,
default.aspx.cs, and web.config from the MS ADFS Step by Step guide
document.
These sample files produce the same error when attempting to run the
applicaiton inside Visual Studio 2005. Starting without debugging produces
the same error.
The project builds, but will not run with the HTTP Module section included
in the web.config.
Interestingly enough, the sample code runs fine as long as the web browser
session is initiated outside visual studio.
If the HTTP Module section is removed, the sample code will run inside
Visual Studio, but will report "Single Sign On isn't installed"
"Joe Kaplan" wrote:
It looks fine to me. Assuming that ADFS is installed on the machine you
are
testing with I don't see an immediate reason why it would not work.
Is there any additional information you can provide about how you have
your
dev machine set up or any other error into available?
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
"Todd Fleenor" <ToddFleenor@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:94863762-F747-4396-9027-4BAF5E87BEEC@xxxxxxxxxxxxxxxx
Web.config is listed below. Thanks.
<configuration
xmlns="http://schemas.microsoft.com/.NetConfiguration/v2.0";>
<configSections>
<sectionGroup name="system.web">
<section name="websso"
type="System.Web.Security.SingleSignOn.WebSsoConfigurationHandler,
System.Web.Security.SingleSignOn, Version=1.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35, Custom=null" />
</sectionGroup>
</configSections>
<appSettings/>
<connectionStrings/>
<system.web>
<compilation debug="true" defaultLanguage="c#">
<assemblies>
<add assembly="System.Security, Version=2.0.0.0,
Culture=neutral,
PublicKeyToken=B03F5F7F11D50A3A" />
<add assembly="System.Web.Security.SingleSignOn,
Version=1.0.0.0,
Culture=neutral, PublicKeyToken=31bf3856ad364e35, Custom=null" />
<add assembly="System.Web.Security.SingleSignOn.ClaimTransforms,
Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35,
Custom=null" />
</assemblies>
</compilation>
<authentication mode="None"/>
<customErrors mode="Off"></customErrors>
<httpModules>
<add
name="Identity Federation Services Application Authentication
Module"
type="System.Web.Security.SingleSignOn.WebSsoAuthenticationModule,
System.Web.Security.SingleSignOn, Version=1.0.0.0, Culture=neutral,
PublicKeyToken=31bf3856ad364e35, Custom=null" />
</httpModules>
<websso>
<authenticationrequired />
<eventloglevel>55</eventloglevel>
<auditsuccess>2</auditsuccess>
<urls>
<returnurl>
https://resourcewebservername.adfstestdomain.net:443/
</returnurl>
</urls>
<cookies writecookies="true">
<path>/</path>
<lifetime>240</lifetime>
</cookies>
<fs>https://federationservername.adfstestdomain.net/adfs/fs/federationserverservice.asmx</fs>
</websso>
</system.web>
</configuration>
"Joe Kaplan" wrote:
Please post your web.config. I should be able to tell. Note that you
need
a configuration section defined for the websso section in order for it
to
be
allowed in system.web. I'm sure that is in your sample app from the
step
by
step guide though.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
"Todd Fleenor" <ToddFleenor@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:2F524D62-8AE5-4987-9065-61DD79322BF6@xxxxxxxxxxxxxxxx
I have added all of the example sections from the Step by Step
document.
However, I wondered the same thing.
We do have a "working" claims aware setup in a lab that was built
using
the
Step By Step document. I say working just because we are not getting
this
same error. However, VS 2005 is not being used in this setup.
I am attempting to write my own claims aware application on my own
setup
which is also based on the step-by step document except for the fact
that
I
am doing my own web site using Visual Studio 2005 instead of just
coping
the
aspx file examples.
Before posting, I had copied the web.config from the working example
into
my
web site just to see if there would be any change in behaviour, but
no
luck.
The same error is generated.
However, I thought perhaps one important section may be the <websso>
entry.
I have tried to make sure this was setup correctly for my
installation.
I am wondering if it might be related to your theory that the
httpmodule
is
complaining about its configuraiton. Visual Studio is in fact
complaining
about the section and is giving me the following error in the IDE.
<i>The element 'system.web' has invalid child element 'websso'. List
of
possible elements expected: 'anonymousIdentification,
authentication,
authorization, browserCaps, clientTarget, compilation, customErrors,
deployment, deviceFilters....<rest of message truncated for
expediency></i>
However, it gives me the same error using the web.config pasted from
the
Step by Step example as well.
Currently, I am working with the HTTPmodule section commented out of
the
web.config. The code I am writing seems to be functioning thus far
without
this section. I am only writing some code that shows the various
properties
of the ADFS objects, so perhaps I will start running into problems
at
some
point.
Thanks,
Todd
"Joe Kaplan" wrote:
Did you add the rest of the configuration section stuff you need
for a
claims-aware app? It sounds like the HttpModule is complaining
that
it
can't find some or all of its configuration settings.
The sample app that you use in the step by step guide shows an
example
of
what the web.config should contain.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
"Todd Fleenor" <ToddFleenor@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message
news:B661F04E-6CCE-4941-A064-77F746453769@xxxxxxxxxxxxxxxx
I am working on an Active Directory Federation Services (ADFS)
Proof
of
Concept and trying some sample code to show identity information.
I am using VS 2005 running on Windows Server 2003 R2 with IIS
6.0.
The ADFS Web Agent for Claims Aware applications is installed.
The
ADFS
Web
Agent for NT Token based application is not installed.
When I add the following section from the ADFS Step by Step
document
to
my
web.config, an execption is thrown.
<httpModules>
<add
name="Identity Federation Services Application
Authentication
Module"
type="System.Web.Security.SingleSignOn.WebSsoAuthenticationModule,
System.Web.Security.SingleSignOn, Version=1.0.0.0,
Culture=neutral,
PublicKeyToken=31bf3856ad364e35, Custom=null" />
</httpModules>
I have tried running the web site under the three built in
identities
provide with IIS 6.0, but it makes no difference. I don't want to
run
the
under a different identity, but its just a suggestion from the
error
message
text.
Has anyone seen this before? -Thanks
Error message below:
[WebSsoConfigurationException: The ADFS auditing subsystem could
not
- Follow-Ups:
- Re: ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationExcep
- From: Todd Fleenor
- Re: ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationExcep
- References:
- ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationException
- From: Todd Fleenor
- Re: ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationException
- From: Joe Kaplan
- Re: ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationExcep
- From: Todd Fleenor
- Re: ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationExcep
- From: Joe Kaplan
- Re: ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationExcep
- From: Todd Fleenor
- Re: ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationExcep
- From: Joe Kaplan
- Re: ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationExcep
- From: Todd Fleenor
- Re: ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationExcep
- From: Joe Kaplan
- ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationException
- Prev by Date: Re: Do I have to have a my own DNS?
- Next by Date: Re: even id:529 not generating on DC for failed attempt
- Previous by thread: Re: ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationExcep
- Next by thread: Re: ADFS System.Web.Security.SingleSignOn.WebSsoConfigurationExcep
- Index(es):
Relevant Pages
|
