Problem with OWIN Authorization Server MachineKey Validation - c#

Hello guys, I'm kind of desperate because I'm not able to figure out what's happening here:
I have been in charge of the upgrade from .NET Framework 4.5.1 to 4.8 of a Legacy Application that no one has changed for several years, it creates bearer tokens using OWIN Authorization and is targeting .NET framework 4.8.
Some other services consume these tokens as bearer tokens, so far I have been able to create the tokens using the Authorization server but when I try to consume them on the services I see that the consumer cannot get the claims successfully.
I have been told that the machine key property must match in both services but despite the two services having the same machine key I keep getting unauthorized responses.
The Auth Server WebConfig Looks like this:
<system.web>
<compilation debug="true" targetFramework="4.8" />
<httpRuntime targetFramework="4.8" />
<machineKey validationKey="xxx" decryptionKey="aaa" validation="SHA1" decryption="AES" />
</system.web>
And the Consumer Service Web Config Looks like this:
<system.web>
<compilation debug="true" targetFramework="4.8">
<!-- <assemblies>
<add assembly="AuthComponent2, Version=4.0.0.0, Culture=neutral, PublicKeyToken=457ad908cac10889, processorArchitecture=MSIL" />
<add assembly="Disney.IAME.Keystone.KeystoneDAL, Version=1.0.10.0, Culture=neutral, processorArchitecture=MSIL" />
<add assembly="Disney.Keystone.Common.Model.Service, Version=1.0.10.0, Culture=neutral, processorArchitecture=MSIL" />
<add assembly="Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL" />
<add assembly="System.IO.Compression, Version=4.2.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
</assemblies> -->
</compilation>
<httpRuntime targetFramework="4.8"/>
<machineKey validationKey="xxx" decryptionKey="aaa" validation="SHA1" decryption="AES"/>
</system.web>
If you guys know if there is something missing that I can check I will be very very grateful.
Thanks in advance.
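The question asks what else can be checked when two sites appear to share a machine key. As an added example (not code from the original post), this script compares the machineKey and httpRuntime settings of two web.config files and reports key fingerprints instead of key values; the sample configs, placeholder key values and function names are constructed for illustration.

```python
import hashlib
import xml.etree.ElementTree as ET

# Constructed samples modelled on the two fragments in the question.
# The key values are short placeholders, not real keys.
AUTH_SERVER = """<configuration><system.web>
  <httpRuntime targetFramework="4.8" />
  <machineKey validationKey="AAAA1111" decryptionKey="BBBB2222"
              validation="SHA1" decryption="AES" />
</system.web></configuration>"""

CONSUMER = """<configuration><system.web>
  <httpRuntime targetFramework="4.8" />
  <machineKey validationKey="AAAA1111,IsolateApps" decryptionKey="bbbb2222"
              validation="HMACSHA256" decryption="AES" />
</system.web></configuration>"""

PLAIN_ATTRS = ("validation", "decryption", "compatibilityMode")
KEY_ATTRS = ("validationKey", "decryptionKey")
# Documented default when a key attribute is absent.
DEFAULT_KEY = "AutoGenerate,IsolateApps"


def fingerprint(key):
    """Short SHA-256 tag so keys can be compared without being displayed."""
    if key == "AutoGenerate":
        return "AutoGenerate"  # generated per machine, never shared
    # Keys are hex strings, so letter case does not change the key bytes.
    return hashlib.sha256(key.upper().encode()).hexdigest()[:12]


def machine_key_profile(config_xml):
    """Return a secret-free summary of <machineKey> and <httpRuntime>."""
    root = ET.fromstring(config_xml)
    mk = next(root.iter("machineKey"), None)
    rt = next(root.iter("httpRuntime"), None)
    profile = {
        "httpRuntime.targetFramework": None if rt is None else rt.get("targetFramework"),
        "machineKey.present": mk is not None,
    }
    if mk is None:
        return profile
    for attr in PLAIN_ATTRS:
        profile["machineKey." + attr] = mk.get(attr)
    for attr in KEY_ATTRS:
        # "key,Modifier" form: modifiers such as IsolateApps change the
        # key each application actually uses, so they must match too.
        key, *modifiers = [p.strip() for p in mk.get(attr, DEFAULT_KEY).split(",")]
        profile["machineKey." + attr + ".fingerprint"] = fingerprint(key)
        profile["machineKey." + attr + ".modifiers"] = sorted(modifiers)
    return profile


def differing_settings(config_a, config_b):
    """Names of the settings whose values differ between two configs."""
    a, b = machine_key_profile(config_a), machine_key_profile(config_b)
    return sorted(name for name in a.keys() | b.keys() if a.get(name) != b.get(name))


if __name__ == "__main__":
    for name in differing_settings(AUTH_SERVER, CONSUMER):
        print("MISMATCH:", name)
```

An empty result means the compared attributes agree; it does not cover other causes, such as differing library versions between the two services.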

Related

Web.config in Views subfolder ignored on developer machine, why?

I have an ASP.NET MVC application with a root web.config and a secondary Views/web.config added automatically by Visual Studio years ago when the application was created.
Now I have bumped ASP.NET MVC to a newer version (5.2.7), fixed various issues on my developer machine - and everything works for me.
Unfortunately, when pushed to our integration test server, everything fails as there are MVC version references, in the Views/web.config file, that are now invalid for the new MVC version.
I can fix the version issues and everything is 200 OK ... but, and here is my question, why don't the errors show up on my local developer machine?
It turns out I can introduce XML syntax errors and what not on my local machine - and nothing happens, everything is okay locally, as if the Views/web.config file is completely ignored by the webserver.
Both machines are running IIS on Windows with the same configuration ... well, except that something apparently is different.
Where should I look to figure out why the Views/web.config is ignored on my developer machine?
The Views/web.config looks like this (with the wrong version numbers included):
<?xml version="1.0"?>
<configuration>
<configSections>
<sectionGroup name="system.web.webPages.razor" type="System.Web.WebPages.Razor.Configuration.RazorWebSectionGroup, System.Web.WebPages.Razor, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
<section name="host" type="System.Web.WebPages.Razor.Configuration.HostSection, System.Web.WebPages.Razor, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" />
<section name="pages" type="System.Web.WebPages.Razor.Configuration.RazorPagesSection, System.Web.WebPages.Razor, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" />
</sectionGroup>
</configSections>
<system.web.webPages.razor>
<host factoryType="System.Web.Mvc.MvcWebRazorHostFactory, System.Web.Mvc, Version=5.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<pages pageBaseType="System.Web.Mvc.WebViewPage">
<namespaces>
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Routing" />
<add namespace="CBrain.F2.SelfService.Mvc.Html" />
</namespaces>
</pages>
</system.web.webPages.razor>
<appSettings>
<add key="webpages:Enabled" value="false" />
</appSettings>
<system.web>
<compilation>
<assemblies>
<add assembly="System.Web.Mvc, Version=5.2.7.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</assemblies>
</compilation>
</system.web>
<system.webServer>
<handlers>
<remove name="BlockViewHandler"/>
<add name="BlockViewHandler" path="*" verb="*" preCondition="integratedMode" type="System.Web.HttpNotFoundHandler" />
</handlers>
</system.webServer>
</configuration>
Turns out that IIS behaves a bit strange: once the webpage loads correctly first time, I can change the Views/web.config without IIS detecting the change. But then I modify the main web.config ... whereafter IIS detects my changes in Views/web.config. Guess I have to live with that.

WIF Framework for .NET MVC in multiple environments?

I am new to Windows Identity Framework. My organization has multiple environments that make use of different 'authority' and 'endpoint' names. My application can detect the environment at runtime. I've looked through the WIF documentation and through stackoverflow and am not, thus far, able to find anything that I can use to help me with this problem.
The example below works in my localhost environment:
<add key="ida:FederationMetadataLocation" value="https://test.login.mycompany.com/FederationMetadata/2007-06/FederationMetadata1.xml" />
<add key="ida:Realm" value="https://localhost/webapp" />
<add key="ida:AudienceUri" value="https://localhost/webapp/" />
In my development environment the same section needs to be:
<add key="ida:FederationMetadataLocation" value="https://dev.login.mycompany.com/FederationMetadata/2007-06/FederationMetadata1.xml" />
<add key="ida:Realm" value="https://dev.mycompany.com/webapp" />
<add key="ida:AudienceUri" value="https://dev.mycompany.com/webapp/" />
I also need to make similar changes to the AudienceURIs and the federationConfiguration.
Here is the full localhost web.config:
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<configSections>
<!--Added for Windows Identity Framework -->
<section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<!--END: Added for Windows Identity Framework -->
</configSections>
<appSettings>
<!--Added for Windows Identity Framework -->
<add key="ida:FederationMetadataLocation" value="https://test.login.mycompany.com/FederationMetadata/2007-06/FederationMetadata1.xml" />
<add key="ida:Realm" value="https://localhost/webapp" />
<add key="ida:AudienceUri" value="https://localhost/webapp/" />
<!--END: Added for Windows Identity Framework -->
</appSettings>
<system.web>
...
</system.web>
<system.webServer>
<!--Added for Windows Identity Framework -->
<modules>
<add name="WSFederationAuthenticationModule" type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
<add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
</modules>
<!--END: Added for Windows Identity Framework -->
</system.webServer>
<runtime>
<assemblyBinding ...
</assemblyBinding>
</runtime>
<!--Added for Windows Identity Framework -->
<system.identityModel>
<identityConfiguration>
<audienceUris>
<add value="https://localhost/webapp" />
<add value="https://localhost/webapp/FederationResult/" />
</audienceUris>
<securityTokenHandlers>
...
</securityTokenHandlers>
<certificateValidation certificateValidationMode="None" />
<issuerNameRegistry type="System.IdentityModel.Tokens.ValidatingIssuerNameRegistry, System.IdentityModel.Tokens.ValidatingIssuerNameRegistry">
<authority name="http://test.login.mycompany.com/adfs/services/trust">
<keys>
<add thumbprint="123320493" />
</keys>
<validIssuers>
<add name="http://test.login.mycompany.com/adfs/services/trust" />
</validIssuers>
</authority>
</issuerNameRegistry>
</identityConfiguration>
</system.identityModel>
<system.identityModel.services>
<federationConfiguration>
<wsFederation
issuer="https://test.login.mycompany.com/adfs/ls/"
realm="https://localhost/webapp/"
reply="https://localhost/webapp/"
passiveRedirectEnabled="true"
requireHttps="true" />
<cookieHandler name="LocalFedAuthRounding" requireSsl="true" />
</federationConfiguration>
</system.identityModel.services>
<!--Added for Windows Identity Framework -->
</configuration>
Does the WIF provide methods to do this? I've looked through the documents and can't figure out how to make these changes.
Thanks,
Matt
The identity and access tool from Visual Studio only allows for one "authority" at a time. If you want a different authority per environment (say your site is deployed in TST, acceptance and production) then you will need to consider web config transforms at deploy time to configure the correct authority.
However, if you need to accept security tokens from multiple authorities in the same deployed website, then you need to manually merge the section for system.IdentityModel into one. WIF supports (it will try each option one by one) this but IDA doesn't. The system.identityModel.Services part is trickier since that is where you tell WIF how to do a redirect for a passive login scenario. That part you will need to do manually in code. It's not that hard. After all, you just need to redirect to a - cleverly composed - URL.
You can also use something like Windows Azure ACS or Thinktecture Identity Server to shield the different identity providers from your application. Identity providers (authorities in your parlance) then get added at the STS level and your app just trusts the STS. Also, do not forget the signout, which should be redirected to the same identity provider you used to log in in the first place.
I answered a very similar question just lately but since the answer hasn't been accepted, I can't make your question a duplicate of that one:
Authentication against multiple identity providers using WSFederationAuthenticationModule for asp.net
Basically, you do everything in few lines of code instead of relying on the static configuration.

Run time Error in converting application from .NET 2.0 to 4.5.1

I'm trying to convert my application from .NET 2.0 to 4.5.1, but I got the following error with the run-time version of my application:
Could not load file or assembly '...dll' or one of its
dependencies.This assembly is built by a runtime newer than the
currently loaded runtime and cannot be loaded.
How can I get rid of this?
Did I forget something to add or modify in my Web.config?
The application is published locally, and the published files are then copy-pasted onto the application server in a virtual machine.
I just solved the issue by publishing the application locally in VS2013, getting the published version, and adding to and modifying the web.config of the application server instance with the following:
<configSections>
<sectionGroup name="applicationSettings" type="System.Configuration.ApplicationSettingsGroup, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
<section name="[myDllname].Properties.Settings" type="System.Configuration.ClientSettingsSection, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" requirePermission="false"/>
</sectionGroup>
</configSections>
<system.web>
<globalization uiCulture="auto" culture="auto"/>
<customErrors mode="Off"/>
<pages validateRequest="false" controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID">
<controls>
<add tagPrefix="csla" namespace="Csla.Web" assembly="Csla, Version=3.0.3.0, Culture=neutral, PublicKeyToken=93be5fdc093e4c30"/>
</controls>
</pages>
<!--
Set compilation debug="true" to insert debugging
symbols into the compiled page. Because this
affects performance, set this value to true only
during development.
-->
<compilation debug="true" targetFramework="4.5.1">
<assemblies>
<add assembly="System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
</assemblies>
</compilation>
<identity impersonate="true"/>
<authentication mode="Windows"/>
</system.web>
Just make sure that the target framework is in compatible mode. In my case, I'm using an old CSLA version.

The name 'Model' does not exist in the current context ASP.NET MVC5

I am coding a PlugIn to NopCommerce 3.2, and in the views I get the error mentioned above, but also for 'Layout' and 'Html'. I have copied the same Web.Config that works in another plugin. I have also added the same references as used in the working Plugin. When compiling the plugin works, but I don't have any intellisense and can't trust that VisualStudio marks errors correctly. I am using VS2013 Professional Update 1.
Here is the Web.Config file:
<?xml version="1.0" encoding="utf-8"?>
<!-- We use this file to make razor intellisense work in the class library -->
<configuration>
<configSections>
<sectionGroup name="system.web.webPages.razor" type="System.Web.WebPages.Razor.Configuration.RazorWebSectionGroup, System.Web.WebPages.Razor, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
<section name="host" type="System.Web.WebPages.Razor.Configuration.HostSection, System.Web.WebPages.Razor, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" />
<section name="pages" type="System.Web.WebPages.Razor.Configuration.RazorPagesSection, System.Web.WebPages.Razor, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" />
</sectionGroup>
</configSections>
<appSettings>
<add key="webpages:Version" value="3.0.0.0" />
<add key="webpages:Enabled" value="false" />
<add key="PreserveLoginUrl" value="true" />
<add key="ClientValidationEnabled" value="true" />
<add key="UnobtrusiveJavaScriptEnabled" value="true" />
</appSettings>
<system.web>
<compilation targetFramework="4.5" />
<pages
validateRequest="false"
pageParserFilterType="System.Web.Mvc.ViewTypeParserFilter, System.Web.Mvc, Version=5.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"
pageBaseType="System.Web.Mvc.ViewPage, System.Web.Mvc, Version=5.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35"
userControlBaseType="System.Web.Mvc.ViewUserControl, System.Web.Mvc, Version=5.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
<controls>
<add assembly="System.Web.Mvc, Version=5.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" namespace="System.Web.Mvc" tagPrefix="mvc" />
</controls>
<namespaces>
<add namespace="System.Web.Helpers" />
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Routing" />
<add namespace="System.Web.WebPages" />
</namespaces>
</pages>
</system.web>
<system.web.webPages.razor>
<host factoryType="System.Web.Mvc.MvcWebRazorHostFactory, System.Web.Mvc, Version=5.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<pages pageBaseType="Nop.Web.Framework.ViewEngines.Razor.WebViewPage">
<namespaces>
<add namespace="System.Web.Mvc" />
<add namespace="System.Web.Mvc.Ajax" />
<add namespace="System.Web.Mvc.Html" />
<add namespace="System.Web.Routing" />
</namespaces>
</pages>
</system.web.webPages.razor>
</configuration>
EDIT: Sorry if you find this question not researched, but I assure you I have spent hours to try to find the solution (including those questions I have found here in stackoverflow that are similar and pointing out web.config as the problem which is the reason I have included that file in my question) but can't find it.
This error was probably caused by Resharper. We are a team of three developers using GIT. One of us installed Resharper, and this probably caused the error for the other two of us. When we installed Resharper trial it suddenly worked again. Unfortunately it isn't working when uninstalling Resharper again...
Try to add this section in system.web. (Make sure the versions I added are indeed the ones you are using.)
<compilation targetFramework="4.5">
<assemblies>
<add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.Helpers, Version=2.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.Routing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.Mvc, Version=5.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
<add assembly="System.Web.WebPages, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</assemblies>
</compilation>
Close the .cshtml view files. Rebuild the project. And open them again.
Un-installing the project MVC Nuget Package and Reinstalling it fixed it for me. Mine got botched when I changed the .net version of the project.
Ensure that the namespace that you have defined on view is matching with your model's namespace.
If you change your project properties to target 4.5.1,
targetFramework in LOTS of other places will still say 45
You can find targetFramework 3-4 times in your root web.config
and in all kinds of packages.config.
I had same problem, change Project to target 4.5 and it cleared up.
Best to not target 4.5.1
I had the same problem. The solution was to uninstall the project MVC Nuget Package and Reinstall it.
http://mhammadchehab.com/wordpress/2013/12/enabling-intellisense-for-razor-in-class-library-mvc-5-razor-3-0/
Change the Project Output path to /bin for All Configurations in the Project Properties. This is odd, but it seems when the VS Project Output is pushed to /bin/Debug or /bin/Release the intellisense is completely busted.
I experienced the same error in my MVC 5 project. My case was that the Web.config in Views folder was not published somehow. Adding it back solved the issue.
In my case, I had to reset the Visual Studio Component Cache by closing Visual Studio and deleting this folder:
C:\Users\[username]\AppData\Local\Microsoft\VisualStudio\14.0\ComponentModelCache
I had the same error and just changed
<pages pageBaseType="Nop.Web.Framework.ViewEngines.Razor.WebViewPage">
to
<pages pageBaseType="System.Web.Mvc.WebViewPage">
I am just trying to get cshtml intellisense in a console application so it worked for me to go back to the standard base webviewpage.

MTOM enabled, getting "Maximum request length exceeded." still

This is getting frustrating ... I am semi-new to web services, and I don't really understand why I can't figure out how to use Microsoft WSE 3.0 to enable MTOM encoding for SOAP on my web service. I have added the following to my web service:
Web.config and app.config in my library on the server:
<configuration>
<configSections>
<section name="microsoft.web.services3" type="Microsoft.Web.Services3.Configuration.WebServicesConfiguration, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35"/>
</configSections>
<system.web>
<httpRuntime maxRequestLength="134217728" executionTimeout="300"/>
<webServices>
<soapExtensionImporterTypes>
<add type="Microsoft.Web.Services3.Description.WseExtensionImporter, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</soapExtensionImporterTypes>
<soapServerProtocolFactory type="Microsoft.Web.Services3.WseProtocolFactory, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
</webServices>
<compilation>
<assemblies>
<add assembly="Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
</assemblies>
</compilation>
</system.web>
<microsoft.web.services3>
<messaging>
<mtom serverMode="always" />
<maxMessageLength value="134217728" />
</messaging>
</microsoft.web.services3>
</configuration>
On the client side I added the same to the app.config, adding did clientMode="On".
When I try to upload a 40MB file, I get the popular error "Maximum request length exceeded."
Any explanation? Do I have to tell the transports to use that configuration? How do I do that? Thanks!
You might be running up against the maxAllowedContentLength of the Web Server. If you are running IIS7, try adding this code block to your web.config. IIS7 filters the request before the http runtime gets it.
http://msdn.microsoft.com/en-us/library/ie/ms689462(v=vs.90).aspx
<system.webServer>
<security>
<requestFiltering>
<requestLimits maxAllowedContentLength="134217728" />
</requestFiltering>
</security>
</system.webServer>
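The two limits the answer refers to use different units: httpRuntime maxRequestLength is given in kilobytes, while requestLimits maxAllowedContentLength is given in bytes and defaults to 30000000 when absent. The added example below (not from the original thread) reads both from a web.config and reports which layer would reject a request of a given size first; the sample configs and function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Documented defaults used when the attribute is not configured.
DEFAULT_MAX_REQUEST_LENGTH_KB = 4096            # httpRuntime, in kilobytes
DEFAULT_MAX_ALLOWED_CONTENT_LENGTH = 30000000   # requestLimits, in bytes

# Constructed samples: the question's <httpRuntime> on its own, then the
# same config with the answer's <requestLimits> block added.
BEFORE = """<configuration>
  <system.web>
    <httpRuntime maxRequestLength="134217728" executionTimeout="300"/>
  </system.web>
</configuration>"""

AFTER = """<configuration>
  <system.web>
    <httpRuntime maxRequestLength="134217728" executionTimeout="300"/>
  </system.web>
  <system.webServer><security><requestFiltering>
    <requestLimits maxAllowedContentLength="134217728" />
  </requestFiltering></security></system.webServer>
</configuration>"""


def _int_attr(root, tag, name, default):
    """Integer value of the first <tag name="..."> found, else the default."""
    node = next(root.iter(tag), None)
    return int(node.get(name, default)) if node is not None else default


def request_limits(config_xml):
    """Each layer's request size limit in bytes, in the order requests hit them."""
    root = ET.fromstring(config_xml)
    iis_bytes = _int_attr(root, "requestLimits", "maxAllowedContentLength",
                          DEFAULT_MAX_ALLOWED_CONTENT_LENGTH)
    aspnet_kb = _int_attr(root, "httpRuntime", "maxRequestLength",
                          DEFAULT_MAX_REQUEST_LENGTH_KB)
    # Kilobytes to bytes, converted as written; any clamping the runtime
    # applies to very large values is not modelled here.
    return [("IIS request filtering", iis_bytes),
            ("ASP.NET httpRuntime", aspnet_kb * 1024)]


def first_rejecting_layer(config_xml, request_bytes):
    """Name of the first layer whose limit the request exceeds, or None."""
    for layer, limit in request_limits(config_xml):
        if request_bytes > limit:
            return layer
    return None


if __name__ == "__main__":
    upload = 40 * 1024 * 1024  # the 40 MB upload from the question
    for label, cfg in (("before", BEFORE), ("after", AFTER)):
        print(label, request_limits(cfg), first_rejecting_layer(cfg, upload))
```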
