Security :: Windows Identity Foundation Federation Utility Fails Saying HRESULT 0x80070002
Feb 10, 2011
I've been trying to set a STS project in my solution following these steps on Channel 9. Right after hitting "Finish", I get an exception saying: The system cannot find the file specified. (Exception from HRESULT: 0x80070002). After installing, uninstalling, rebooting, and so on, I still get the error.
My OS is Windows 7 Enterprise x64, both Visual Studio 2010 and Visual Web Developer 2010 Express are installed in my machine, the WIF SDK 4, the runtime 6.1 and the Identity Training Kit from January 2011.
View 2 Replies
Similar Messages:
Jan 23, 2011
I have an requirement to implement single sign on solution using SAML 2. I had a look at a tirdparty toolkit in componentspace, but I would prefer some microsoft components.
the features provided in componentspace toolkit can be done using some Microsoft .NET libraries itself. identify the microsoft way to do this?. I looked at the Windows Identity Foundation SDK, but it is now supported only for .NET 3.5. My web application is built on .NET 2.0.
Is there any alternative for Windows Identity Foundation in .NET framework 2.0?
View 2 Replies
Feb 1, 2010
I'm writing an ASP.net application that uses Windows Identity Foundation. My ASP.net application uses claims-based authentication with passive redirection to a security token service. This means that when a user accesses the application, they are automatically redirected to the Security Token Service where they receive a security token which identifies them to the application.
In ASP.net, security tokens are stored as cookies.
I want to have something the user can click on in my application that will delete the cookie and redirect them to the Security Token Service to get a new token. In short, make it easy to log out and log in as another user. I try to delete the token-containing cookie in code, but it persists somehow.
How do I remove the token so that the user can log in again and get a new token?
View 2 Replies
Jun 18, 2010
Our solutions requires validating users against a custom database. This also includes roles which dictates what he user can do in the system. What is the best way to implement implement security, is it to use Windows Identity Foundation or the default Membership Provider and Role Provider that comes with .net?
View 2 Replies
Aug 9, 2010
My website security is configured with "Windows Integrated Security" only (anonymous is disabled).
I also want to set a specific account to run the w3wp.exe process using the
Application Pool Identity to a domain account.
Running directly from the server works without any problem but from remote computers I always get the authenticaion window then the 401.1 error (after 3 attempts).
It seems that its the combination of "Windows Integrated Security" along with the "Application Pool Identity" that causes the problem. When I disable one of the two it works properly.
My server is Windows Server 2003 R2, running IIS 6.0.
View 1 Replies
Jul 30, 2010
I am beginner in the Windows Communication Foundation. I am reading about it. I am little bit confused with the word 'Windows'. WCF can be used for building the web services for window application as well as web application. Then what is meaning of the word 'Windows' in WCF ? Why we are calling it as a 'Windows' Communication foundation ?
View 5 Replies
Jul 28, 2010
When i create a Windows Service for getting information from a Web Application(ASP.NET c#) for scheduling some task in the client machine.
To consume WCF from the web application. I added WCF reference to Window Service project as a service reference, everything seems fine. It updated app.config file, added service reference etc.
it was not working.
[Code]....
View 1 Replies
Jul 30, 2010
I want to know if this kind of authentication is possible.
We have an Active Directory account and that account we are using to log in to windows. I have a simple system that needs authentication using the IIS log in box (i dont know what do you call this but what I know is it only comes out when Anonymous user is unchecked in the IIS configuration.) Now, I want this box to appear before my page and the user will be authenticated and be compare to the user who logged in to the windows. If the user who have been authenticated is the same as the user who logged in to the windwos then we will let him in if not he must be denied in accessing the page.
The first problem I have in my mind is how to code it in asp.net to make an authentication when he will try to access my page.
Second is, let us say we have succeeded to show the authentication box, how can I get the username from the log in box and compare it to the user who logged on in windows. Of course we can get the user id of the logged in user from the windows using User.Identity.Name but how about the username from the log in box.
Note: I will not use log in forms even using https. Just the log in provided by the IIS according to the configuration.
View 1 Replies
Feb 21, 2011
I have a webpage stored on a local server (Site A) which when I browse to it is given my windows account details, this site then checks within AD to get my email address. My email address is then passed to another website (Site B) and consumed. The Website A is set in IIS to Integrated Windows Auth Only, WebSite A has
<identity impersonate="false"/>
set in the web.config What I dont understand is what user is accessing AD from site A - with impersonate = false that is telling the site not impersonate the windows user, but this seems at odds with the setting in IIS.
View 3 Replies
May 12, 2010
I currently have a client with a SharePoint site that wants to incorporate an (already written) ASP.NET application within a webpart in the SharePoint site. The ASP.net application currently uses an IIS impersonation account to connect to the SQL database.
Some added functionality the client is requesting would require me to grab the user's windows login identity to use the SharePoint UserProfileWebService to query the PropertyPages for that specific user. Because the (already written) ASP.NET application uses impersonation, when I grab the WindowsIdentity.GetCurrent().Name, I get the impersonation account and not the actual user's account.
Is there a way to keep the current setup (impersonation account on IIS to connect to SQL) and still grab the logged in user's credentials? Or would a better way about this be to change IIS to consume the Windows Identity of the logged in user and encrypt the connection string in the web.config?
View 2 Replies
Oct 18, 2010
Just to describe the scenario. I have a website. This lives on a webserver. On that webserver is an SQL server. The website connects to this database using windows authentication. I have written a windows form application that connects to the SQL Server on the webserver. This application is being run from a location on out intranet. The Winform application use SQL authentication to connect to the database. The SQL Server didn't have mix mode authentication enabled. So I enabled it. The winform application could now connect to the SQL Server.
This is where it starts getting a little strange.
The Website that was already connecting find using integrated authentication starts failing with:
Login failed for user 'NT AUTHORITYNETWORK SERVICE'
When you are enabling mixed mode authentication, you are adding another authentication method, why would the original Windows authentication fail?
View 1 Replies
Feb 12, 2010
I am having problems getting the security.aspx to load up on my primary development computer which is using Windows 7 Ultimate and Windows IE 8. Clicking on the ASP.NET Configuration icon from the IDE in the Solution Explorer within Visual Web Developer 2008 Express Edition loads up default.aspx with no problem. But when I click on the "Security" hyperlink to access "security.aspx" I get a message along the lines of "The configured SQL data source provider is not properly configured". It goes on to state a list of potential reasons for this problem. One that includes not having the proper credentials or permissions. Im almost 100% sure it has something to do with permissions because I can't even get to the "security.aspx" page from opening a new empty project. I have recently installed Visual Web Developer 2008 Express Edition on my laptop which is running Vista with all latest updates and this issue does "not" exists. I can click the "ASP.NET" icon, load up "default.aspx" and click "Security" and it loads the page with absolutely no issues.
I have discovered a weird workaround but I don't like having to do this. If I add the following lines to my "web.config" file from any given project I can get to the "security.aspx" page without getting any SQL messages about improper configuration or permissions.
<<remove "LocalSqlServer">
<add
name="LocalSqlServer"
connectionString="data
source=.SQLEXPRESS;Integrated Security=SSPI;AttachDBFilename=|DataDirectory|aspnetdb.mdf;User Instance=true"
providerName="System.Data.SqlClient"/>
Basically, what I have to do to get to the security page to load without error is add a remove statement and then I just cut'n'paste almost the exact same connectionString from machine.config in the Microsoft.netFrameWorkV2.0.5027config directory. This does away with the "Improperly configured SQL datasource message" and gets me a new error message along the lines of "Could not create a SQL instance". My memory is fuzzy on exact error messages since Im not at development computer right now. However, when I change the User Instance attribute from true to false, then I have success at last.
View 2 Replies
Dec 28, 2010
I am getting above error when I executing a method of Dll in VS 2005 and DLL is made in VB6 which is interoperable . I am unable to trace the error .
View 1 Replies
Mar 10, 2011
I read some blog that If we host workflow foundation in asp.net, there will be issues with workflow persistence, is this correct? and what is the better idea to host workflow foundation on asp.net or on windows service?
View 1 Replies
Jun 29, 2010
I have an ASP.NET application that is using Signle Sign On using Active Directory Federation Services
When the user first logs into the application, Once they are "authenticated", their credentials remain active while their web browser is open.
Now, I want the "authentication" to "timeout" in 60 minutes. This way if they browse to another page after 60 minutes, they are prompted to "re-enter" their credentials again.
I know that in FormsAuthentication, you can "de-authenticate" someone by calling "FormsAuthentication.SignOut();" in the Session_End Event in Global.asax.
Is there anyting like that for ADFS?
View 1 Replies
Mar 2, 2010
I would like to create a webpage that collects a users search criteria. Then when they click a button, send the parameters to the Windows Explorer Search utility and run it. Can this be done? If so, how? I am using asp.net to create my webpages.
View 1 Replies
Aug 25, 2010
I Need by service contract to return the xml/json result depending on the request type. function which will convert my result set (i am using linq to sql) so that i do not need to create the xml format for the result set by iterating through the table row many times.What is the suitable way to do that.
I need a kind of short cut method which will convert the table data to xml result.Had i been using asp.net mvc i would have been able to generate the xml data by overriding the the ExecuteResult method in the ActionResult and giving Conetnt-Type = "text/xml" as OP.But since i am using Wcf i don't have the controller context(as controller context is the parameter that needs to be passed to Execute Result).
My present code for converting the table data to the xml format is below.
public XDocument UsersLists(string authToken)
{
bool IsAuthenticated = Authenticate(authToken);
XDocument xDoc = new XDocument();
XElement root = new XElement("Users");
[Code]....
I need to eliminate this way of generating xml for each table records.
View 1 Replies
Jan 5, 2011
I want to know that, is there any source code security assessment module in Team Foundation against security issues? If it is there, can somebody pls point me to the documentation of it, so that I can caliberate it. I'm personally not able to find it, through google.
View 1 Replies
Apr 29, 2010
i have designed a website in my desktop and used WAT of visual studio 2008 from Website menu and then selecting ASp.Net configuration.
Now i have copied my website to a server in my local network, server name=isaserver.
i try to access WAT utility of my website at isaserver. when i change webconfig file to correct data source, utility is working but
if i create a user using my website's create user form, then that user appears in aspnetdb database of isaserver but i am not able to see that user using WAT utility.
if i create a user using WAT utility then i am not able to login into my website hosted at isaserver using that username.
no matter how i create a user, either through my website's create user form or through WAT which is mapped to isaserver, both the users will appear in aspnetdb database of isaserver.
View 7 Replies
Jul 22, 2010
I would like to encrypt the connectionstrings section in my web.config file using the : ASPNET_REGIIS utility However I'm running Windows 7 pro, that is without any IIS.
Is it possible for me to do it.
The path (on my local pc) to the website containing the web.config file is like this:
C:UsersmyUserDocumentsVisual Studio 2010ProjectsmyWebsitemyWebsiteWeb.config
View 3 Replies
Mar 3, 2010
i was hoping to build the user/role configuration utility into my website. I have posted before, and from what i have read, you need to create your own user/role membership utility in your website.but, i noticed in the
Microsoft.net directory C:WINDOWSMicrosoft.NETFrameworkv2.0.50727ASP.NETWebAdminFiles, that this is the entire interface for managing roles and users for a web site as long as you use standard asp.net security.is it possible to copy this site into my site to have a ready-to-go interface for user management without a user needing to have visual studio? It seems like it should be possible with minimal code changes, but I might be wrong. Im just looking for a shortcut.
View 1 Replies
Mar 8, 2011
The site is running on my local IIS 6.1. I Would like to add some features to pull information from our AD. My AD code works on many other projects and on my dev server. Here are my attempts at writing out the username:
Response.Write("1. " + this.Request.LogonUserIdentity.Name);
Response.Write("2. " + Request.ServerVariables["Auth_User"]);
Response.Write("3. " + WindowsIdentity.GetCurrent().Name.ToString());
The results I get are:
NT AUTHORITYIUSR
administrator
NT AUTHORITYNETWORK SERVICE
How can I get at the actual windows username like ourdomain/username
View 5 Replies
Mar 1, 2011
We are observing some strange behaviour in our web server logs where where the Identity of the currently logged in user seems to be getting swapped with another user. I will describe our set up before explaining further.
We are running an asp.net web site (v3.5 of the framework) on 2 Windows 2008 web servers and use forms authentication.They are load balanced using a separate server running Apache 2.2 on Linux (Cent OS 5). The load balancing simply attaches a cookie to a user and directs them to a particular server for each subsequent request.
We notice on occasion patterns in the log like this (details obfuscated)
First Log Entry
UserName - customer1@x.com
UserId - 1111
WebPage - page1
IP - ip1
Time - 2010-06-29 12:56:20.750
SessionId - h3uyz2fsdfegugjy452sdz0far.........
We are using forms authentication using the standard asp.net forms authentication framework (the standard login control and we implemented a custom membership provider).
The UserName is the Windows identity retrieved using "HttpContext.Current.User.Identity.Name" The UserId is the database Id set in the session. The sessionId is retrieved using "HttpContext.Current.Session.SessionID"
As you can see the same Windows identity is the same for 2 different users, under different IP addresses and with different session id's, hitting the site about the same time. We checked and the IP's were from totally different locations. The wrong windows identity seems to be getting recorded. UserId 2222 should have a different username recorded.
Since it happens very occasionally, the code is standard and has not changed substantially for some time we don't "think" it is a coding error. We presume either a problem with the load balancer or some problem in the web server. I have never heard of such problems in asp.net before.
The forms authentication entry in the web.config is
authentication mode="Forms"
forms loginUrl="LoginPage.aspx" name=".ASPXFORMSAUTH"
View 3 Replies
Sep 9, 2010
I'm currently integrating a web application into a customers network. The application has been successfully used many times.But here we've got the following problem:If the login page is requested just by the hostname everything works fine, but if the FQDN is used the login page just reloads withous doing anything. There's no error displayed.http://hostname:port/Login.aspx => fine
http://hostname.intern.customer.domain.foo.com => doesn't work, no error
(The FQDN is quite long)
The login page is very simple:
<asp:Login ID="loginCtrl" runat="server">
<LabelStyle HorizontalAlign="Left" />
</asp:Login>
Codebehind:
protected override void OnLoad(EventArgs e)
{
if (!this.IsPostBack)
[code]...
View 1 Replies
Feb 7, 2011
In IIS 7.5 server I have a website apps.mydomain.com. Site binding for this website is:
IP: All Unassigned
Port: 80
Host name: apps.mydomain.com
In DNS there is an ip address pointing to apps.mydomain.com. Site comes up fine when browsing to this hostname.
I want to get current windows logged in username from asp.net web apps. I enabled windows authentication and disabled anonymous. Using this ASP.Net code to test:
Response.Write(Page.User.Identity.Name);
However, browsing to http://apps.mydomain.com/site/ the application pool identity shows as the Page.User.Identity.Name value and not the current windows logged in username.
If I browse to http://servername/site/ then Page.User.Identity.Name will return current windows logged in username.
Is there something else I need to configure to get the current windows logged in username when using host header?
web.config:
<?xml version="1.0"?>
<configuration>
<system.web>
<authentication mode="Windows"/>
</system.web>
</configuration>
App pool config (left out "handlers" for brevity, there's a 30000 char limit):
[Code]....
View 2 Replies