My setup is an MVC website that the user connects to, with a REST Web API service that the website connects to behind the scenes. Both the website and web service need authentication and will use the users Windows authentication first to authenticate, and then to pass this identity to an ADLDS directory claims provider I have to see what they are authorized to perform.
Currently connecting to the MVC website hosted on IIS works fine, the windows credentials are authenticated against and then authorized for permissions and the website behaves fine. But when the website makes the calls to the REST service, the REST service checks for the identity and gets the identity of the app pool, not the credentials of the user calling the MVC website. Ie double hopping problem.
This is with impersonate=false in the web.config of the MVC website. I have tried running the MVC website locally on my box through Visual Studio, connecting to the remotely hosted REST service and set impersonate=true in the local MVC web.config and this works. Ie the REST web service then gets the correct credentials through, not the app pool identity.
However if I set impersonate=true in the web.config of the MVC website hosted on IIS on the remote server, the website fails to load at all. So what works in visual studio, doesn't work when deployed through IIS. The exception I get is
01-12-2015 09:52:47,105 [][1] INFO Centrica.CE.SE.PortalX.MvcApplication - **********************APPLICATION STARTED*****************************
01-12-2015 09:53:10,160 [UK\kerslaj1][5] ERROR Centrica.CE.SE.PortalX.MvcApplication - System.Reflection.TargetInvocationException: Exception has been thrown by the target of an invocation. ---> Microsoft.Practices.Unity.ResolutionFailedException: Resolution of the dependency failed, type = "Centrica.CE.SE.PortalX.Security.IClaimsProvider", name = "(none)".
Exception occurred while: Calling constructor Centrica.CE.SE.PortalX.Security.ADLDSClaimsProvider().
Exception is: TypeInitializationException - The type initializer for 'Centrica.CE.SE.PortalX.Security.ADLDSClaimsProvider' threw an exception.
-----------------------------------------------
At the time of the exception, the container was:
Resolving Centrica.CE.SE.PortalX.Security.ADLDSClaimsProvider,(none) (mapped from Centrica.CE.SE.PortalX.Security.IClaimsProvider, (none))
Calling constructor Centrica.CE.SE.PortalX.Security.ADLDSClaimsProvider()
---> System.TypeInitializationException: The type initializer for 'Centrica.CE.SE.PortalX.Security.ADLDSClaimsProvider' threw an exception. ---> System.DirectoryServices.AccountManagement.PrincipalOperationException: An operations error occurred.
---> System.DirectoryServices.DirectoryServicesCOMException: An operations error occurred.
at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail)
at System.DirectoryServices.DirectoryEntry.Bind()
at System.DirectoryServices.DirectoryEntry.get_AdsObject()
at System.DirectoryServices.DirectoryEntry.get_Options()
at System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInit()
--- End of inner exception stack trace ---
at System.DirectoryServices.AccountManagement.PrincipalContext.DoLDAPDirectoryInit()
at System.DirectoryServices.AccountManagement.PrincipalContext.DoApplicationDirectoryInit()
at System.DirectoryServices.AccountManagement.PrincipalContext.Initialize()
at System.DirectoryServices.AccountManagement.PrincipalContext.get_QueryCtx()
at System.DirectoryServices.AccountManagement.PrincipalSearcher.SetDefaultPageSizeForContext()
at Centrica.CE.SE.PortalX.Security.ADLDSClaimsProvider.SetApplicationClaims()
at Centrica.CE.SE.PortalX.Security.ADLDSClaimsProvider.Initialise()
--- End of inner exception stack trace ---
at Centrica.CE.SE.PortalX.Security.ADLDSClaimsProvider..ctor()
at lambda_method(Closure , IBuilderContext )
at Microsoft.Practices.ObjectBuilder2.DynamicBuildPlanGenerationContext.<>c__DisplayClass1.<GetBuildMethod>b__0(IBuilderContext context)
at Microsoft.Practices.ObjectBuilder2.BuildPlanStrategy.PreBuildUp(IBuilderContext context)
at Microsoft.Practices.ObjectBuilder2.StrategyChain.ExecuteBuildUp(IBuilderContext context)
at Microsoft.Practices.Unity.UnityContainer.DoBuildUp(Type t, Object existing, String name, IEnumerable`1 resolverOverrides)
--- End of inner exception stack trace ---
at Microsoft.Practices.Unity.UnityContainer.DoBuildUp(Type t, Object existing, String name, IEnumerable`1 resolverOverrides)
at Microsoft.Practices.Unity.UnityContainer.DoBuildUp(Type t, String name, IEnumerable`1 resolverOverrides)
at Microsoft.Practices.Unity.UnityContainerExtensions.Resolve[T](IUnityContainer container, ResolverOverride[] overrides)
at Centrica.CE.SE.PortalX.Security.AuthenticationManager.Authenticate(String resourceName, ClaimsPrincipal incomingPrincipal)
at Centrica.CE.SE.PortalX.MvcApplication.Application_PostAuthenticateRequest()
--- End of inner exception stack trace ---
at System.RuntimeMethodHandle.InvokeMethod(Object target, Object[] arguments, Signature sig, Boolean constructor)
at System.Reflection.RuntimeMethodInfo.UnsafeInvokeInternal(Object obj, Object[] parameters, Object[] arguments)
at System.Reflection.RuntimeMethodInfo.Invoke(Object obj, BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
at System.Reflection.MethodBase.Invoke(Object obj, Object[] parameters)
at System.Web.Util.ArglessEventHandlerProxy.Callback(Object sender, EventArgs e)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
Any suggestions as to why this works on my local machine but not when hosted on IIS?
Related
I'm having a few issues with a Asp.Net Web Api application in our production environment, some api requests (about 1% of them) crash intermittently with the following exception message:
A null 'MediaTypeFormatter' is not valid.
Parameter name: formatters
All these errors seem to happen randomly and in these cases the execution flow doesn't even reach the ApiController endpoints.
Does anyone know how to fix this problem ? Any help would be greatly appreciated.
More infos and complete stacktrace:
.Net Framework 4.5
Asp.Net Web Api 2.2 (Microsoft.AspNet.WebApi package v5.2.3)
IIS 8.5
Windows server 2012 R2
"ExceptionMessage": "A null 'MediaTypeFormatter' is not valid.
Parameter name: formatters",
"ExceptionType": "System.ArgumentException",
"StackTrace": " at System.Net.Http.Formatting.MediaTypeFormatterCollection.VerifyAndSetFormatters(IEnumerable'1 formatters)
at System.Net.Http.HttpContentExtensions.ReadAsAsync[T](HttpContent content, Type type, IEnumerable'1 formatters, IFormatterLogger formatterLogger, CancellationToken cancellationToken)
at System.Web.Http.ModelBinding.FormatterParameterBinding.ReadContentAsync(HttpRequestMessage request, Type type, IEnumerable'1 formatters, IFormatterLogger formatterLogger, CancellationToken cancellationToken)
at System.Web.Http.ModelBinding.FormatterParameterBinding.ReadContentAsync(HttpRequestMessage request, Type type, IEnumerable'1 formatters, IFormatterLogger formatterLogger)
at System.Web.Http.ModelBinding.FormatterParameterBinding.<ExecuteBindingAsyncCore>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Controllers.HttpActionBinding.<ExecuteBindingAsyncCore>d__0.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Controllers.ActionFilterResult.<ExecuteAsync>d__2.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
at System.Web.Http.Dispatcher.HttpControllerDispatcher.<SendAsync>d__1.MoveNext()"
EDIT 04/05/2020
Our production environment configuration is 7 servers under a load
balancer
Only one application pool of a single server presented the
problem
After recycling the application the problem disappeared (we
are still investigating the issue, we don't want it to happen again).
I’m trying to run a sample from an Azure SDK winch communicates with the Azure MFA service. The sample compiles and runs in visual studio but once I deploy it to IIS I get the error below:
Access is denied.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: System.Security.Cryptography.CryptographicException: Access is denied.
I suspect it’s related to a certificate that is needed to authenticate to the Azure service but not sure how to troubleshoot as I’m not a developer by trade. The certificate is in the same location as the ASP app and it’s referenced correctly in the code. Again, the code works through Visual Studio.
Stack Trace:
[CryptographicException: Access is denied.
]
System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr) +41
System.Security.Cryptography.X509Certificates.X509Utils._QueryCertFileType(String fileName) +0
System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromFile(String fileName, Object password, X509KeyStorageFlags keyStorageFlags) +125
System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(String fileName, String password, X509KeyStorageFlags keyStorageFlags) +141
pf_auth.send_message(String target, String message, String cert_file_path, String& body) +221
pf_auth.pf_authenticate_internal(PfAuthParams pfAuthParams, Boolean asynchronous, String& otp, Int32& call_status, Int32& error_id) +744
MFADemo.example.btnTest_Click(Object sender, EventArgs e) +1602
System.Web.UI.WebControls.Button.OnClick(EventArgs e) +11754953
System.Web.UI.WebControls.Button.RaisePostBackEvent(String eventArgument) +150
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +3619
I think you are better off uploading the cert to your application in Azure Management portal in the Configure tab:
And then in the code your Cert store location should be "CurrentUser" instead of "LocalMachine" for it to work in Azure...
We had multiple issues with reading certificates from file system in Azure and ended up uploading it to he Azure website and reading it from the store...
Sorry if the Title is a little vague but the truth is I do not understand my problem, I have never come across this before and I havent done anything out of the Ordinary.
Right I have a basic Silverlight 4 Application using the Business Application Template. I have also created a WCF Service Application Project which is used to simply return an Observable collection for some entries in my Database,
I published this to my Local computer which I then referenced in my SL4 app and I get this exception
[System.ServiceModel.CommunicationException: The remote server returned an error: NotFound. ---> System.Net.WebException: The remote server returned an error: NotFound. ---> System.Net.WebException: The remote server returned an error: NotFound.
at System.Net.Browser.BrowserHttpWebRequest.InternalEndGetResponse(IAsyncResult asyncResult)
at System.Net.Browser.BrowserHttpWebRequest.<>c__DisplayClass5. <EndGetResponse>b__4(Object sendState)
at System.Net.Browser.AsyncHelper.<>c__DisplayClass4.<BeginOnUI>b__0(Object sendState)
--- End of inner exception stack trace ---
at System.Net.Browser.AsyncHelper.BeginOnUI(SendOrPostCallback beginMethod, Object state)
at System.Net.Browser.BrowserHttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelAsyncRequest. CompleteGetResponse(IAsyncResult result)
--- End of inner exception stack trace ---
at System.ServiceModel.AsyncResult.End[TAsyncResult](IAsyncResult result)
at System.ServiceModel.Channels.ServiceChannel.EndCall(String action, Object[] outs, IAsyncResult result)
at System.ServiceModel.ClientBase`1.ChannelBase`1.EndInvoke(String methodName, Object[] args, IAsyncResult result)
at RMServiceRIA.rService.Service1Client.Service1ClientChannel.EndgetBuildings(IAsyncResult result)
at RMServiceRIA.rService.Service1Client.RMServiceRIA.rService.IService1.EndgetBuildings(IAsync Result result)
at RMServiceRIA.rService.Service1Client.OnEndgetBuildings(IAsyncResult result)
at System.ServiceModel.ClientBase`1.OnAsyncCallCompleted(IAsyncResult result)}
I have got a clientaccess policy and crossdomain policy which for the purpose of testing is set to allow anything access,
Client Access Policy
Cross Domain
any ideas on how to fix this problem, I debugged my WCF Service and it receives the call, the method executed reaches its return statement, yet my SL4 never even receives the result, as soon as my WCF service has the result I get an exception thrown within my SL4 app, to me it just seems that the connection gets closed but I dont know and I have tried to research but where do you start with something you dont fully understand? I found many people with the same sort of error message but WCF is so damn cryptic... I did try and enable the debugging information inside of my webconfig. I have also tried to host the WCF service on my Web server but no luck, I have several WCF Services running on that with a similar set up so I am unsure why this isnt working
Web Config for WCF Service
client config
Thanks for having a look, and if you need any more info just ask I'll be happy to provide you with it,
Your best bet is to turn on WCF Tracing so you can see what is going on.
http://software.intel.com/en-us/blogs/2010/02/03/adventures-with-silverlight-and-wcf-the-remote-server-returned-an-error-notfound/
Most likely there is an issue with serializing something. Not found is just the Silverlight version of a 500 error.
We have a WinForms application (.NET 4.0/C#) that accesses several web services. We deployed to a client who has some proxy feature on their firewall (no proxy settings in Internet Options on the client machine, but it definitely IS a proxy).
The problem is, our WinForms app will fail on the first web service call. The error information isn't very useful but it's clear that it's unable to call the web service methods. The weird part is, once we put the web service (asmx) URL in Internet Explorer on that client machine, it works just fine for several days. It's as if IE is causing the router to cache some of the routing information.
Has anyone else experienced this? Is there a simple fix that we could implement?
Thank you!
Here is the Exception information:
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Net.WebException
Stack:
Server stack trace:
at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
at AutoUpdater.Module.WebService.AutoUpdaterWebService.AutoUpdater.ValidateInstallKey(String installKey, String computerIdentifier)
at AutoUpdater.Module.WebService.Config.ValidateInstallKey()
at AutoUpdater.Module.RemoteService.ValidateInstallKey()
at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Int32 methodPtr, Boolean fExecuteInContext, Object[]& outArgs)
at System.Runtime.Remoting.Messaging.StackBuilderSink.SyncProcessMessage(IMessage msg, Int32 methodPtr, Boolean fExecuteInContext)
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(System.Runtime.Remoting.Messaging.IMessage, System.Runtime.Remoting.Messaging.IMessage)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(System.Runtime.Remoting.Proxies.MessageData ByRef, Int32)
at AutoUpdater.Foundation.Interfaces.IRemoteService.ValidateInstallKey()
at AutoUpdater.UpdateForm..ctor()
at AutoUpdater.Program.Main()
I'm trying to consume a WF Service hosted in IIS express (xamlx) from a Silverlight Client.
I added my service reference and when I use the client proxy, I get this:
System.ServiceModel.CommunicationException was unhandled by user code
Message=An error occurred while trying to make a request to URI 'http://localhost:52878/Workflows/PerformanceAppraisal/Exempt.xamlx'. This could be due to attempting to access a service in a cross-domain way without a proper cross-domain policy in place, or a policy that is unsuitable for SOAP services. You may need to contact the owner of the service to publish a cross-domain policy file and to ensure it allows SOAP-related HTTP headers to be sent. This error may also be caused by using internal types in the web service proxy without using the InternalsVisibleToAttribute attribute. Please see the inner exception for more details.
StackTrace:
at System.ServiceModel.AsyncResult.End[TAsyncResult](IAsyncResult result)
at System.ServiceModel.Channels.ServiceChannel.EndCall(String action, Object[] outs, IAsyncResult result)
at System.ServiceModel.ClientBase`1.ChannelBase`1.EndInvoke(String methodName, Object[] args, IAsyncResult result)
at CompanyHR.ExemptPAService.ExemptPAClient.ExemptPAClientChannel.EndInitiatePerformanceAppraisal(IAsyncResult result)
at CompanyHR.ExemptPAService.ExemptPAClient.CompanyHR.ExemptPAService.IExemptPA.EndInitiatePerformanceAppraisal(IAsyncResult result)
at CompanyHR.ExemptPAService.ExemptPAClient.OnEndInitiatePerformanceAppraisal(IAsyncResult result)
at System.ServiceModel.ClientBase`1.OnAsyncCallCompleted(IAsyncResult result)
InnerException: System.Security.SecurityException
Message=""
StackTrace:
at System.Net.Browser.AsyncHelper.BeginOnUI(SendOrPostCallback beginMethod, Object state)
at System.Net.Browser.BrowserHttpWebRequest.EndGetResponse(IAsyncResult asyncResult)
at System.ServiceModel.Channels.HttpChannelFactory.HttpRequestChannel.HttpChannelAsyncRequest.CompleteGetResponse(IAsyncResult result)
InnerException: System.Security.SecurityException
Message=Security error.
StackTrace:
at System.Net.Browser.BrowserHttpWebRequest.InternalEndGetResponse(IAsyncResult asyncResult)
at System.Net.Browser.BrowserHttpWebRequest.<>c__DisplayClass5.<EndGetResponse>b__4(Object sendState)
at System.Net.Browser.AsyncHelper.<>c__DisplayClass4.<BeginOnUI>b__1(Object sendState)
InnerException:
When I added the service reference I didn't use http://localhost:52878/Workflows/PerformanceAppraisal/Exempt.xamlx
I used the https version of that. But it seems to be using this url instead.
I am using IIS Express in visual studio 2010.
The error message is quite clear about not being able to find a clientaccesspolicy.xml. This is the result of calling a service on a different site then the Silverlight app is running. You didn't mention the URL to the Silverlight app but it could either be the case of that using HTTPS or being a different site altogether.