I am developing test application for displaying claims of authenticated identity in MVC-ASP.net (Visual studio 2013)
I have given authentication from active directory in following way.
1.Add new mvc project in solution .
2.click on Change authentication.
3.select organization account
4.select on premises.
5.given federation url
6.App Id url
After running the application i am getting following error.
WIF10201: No valid key mapping found for securityToken: 'System.IdentityModel.Tokens.X509SecurityToken' and issuer: 'http://websso.avanade.com/adfs/services/trust'
This error is coming only for this federation for other federation i am able to see claims.
After searching on internet i am thinking that it is certificate(thumbprint) issue.
But I am not clear with solutions.
Can anybody explain me why this error throwing and solution for the same.
Thanks in Advance !!!
There could be 2 causes for this error.
Missing thumbprint in web.config: Get the actual thumbprint from ADFS and put in web.config under the thumbprint tag
Mismatch in port number between the site and ADFS configuration: Update ADFS configuration with the url containing the correct port number
The second solution fixed it for me...
I ran into this while trying to update a legacy MVC application to use AAD.
I based the changes on a newly created project with organizational authentication and noticed I did not have a connection string named DefaultConnection, which the DatabaseIssuerNameRegistry assumes you will, nor did I have either of the required tables in the database.
Using Vittorio Bertocci's great post with all the details, I refactored the code to integrate the new database tables, created and applied a migration, and inserted the appropriate key and tenant in the new IssuingAuthorityKey and Tenant tables, respectively. I also had to make sure to change the DatabaseIssueNameRegistry to use the existing DbContext.
For solutions created in VS2013 and later, the solution should contain the logic to roll over keys automatically. No need to put the value in the web.config file.
You might run into this issue when migrating your solution from local to another environment. In that case you will probably try to point your solution to a new application in Azure Active Directory. Check the following:
Make sure all urls in the web.config are pointing to the correct url not the one automatically generated when you set it up locally
Remove all enteries from IssuingAuthorityKeys table. The keys will autopopulate when you re-build the solution and run it. On the server you might need to replace the dlls manually for it to refresh
Last and most important, delete all rows from the Tenants table. On the first run on the new environment, an Admin from the owning Active Directory has to sign up and authorize the application.
If the values in both tables are still not populated automatically after these steps, check this article for steps on how to manually get the values.
Thumbprints and server names are case sensitive in web.config. make sure they are typed correctly and restart IIS.
It fixed my issue.
Related
I'm trying to install Umbraco on an ASP.NET environment. After I downloaded the umbraco nuget package I tried to run the installation wizard, by building and running the project. All is fine and good, if i take the default database configuration, but if I want to customize my configuration, it fails and says :
"Could not connect to database"
I'm trying to configure it to use my local SQLExpress database, but I just cannot get it working. I have both tried putting in the server information and connecting via. a connection string, via. the wizard. It produces the same error every time.
I have made a database called umbracoblog and created an admin user, with credentials. He has dbowner etc. for the database. Besides that, I have also given full permissions to IIS_IUSRS and Network Service accounts for the project and all subdirectories, and it still doesn't work.
These are some of the connection strings I have tried:
datalayer=SqlServer;Data Source=.\SQLExpress;Initial Catalog=umbracoblog;User Id=admin;Password=********;
datalayer=SqlServer;Data Source=127.0.0.1\SQLExpress;Initial Catalog=umbracoblog;User Id=admin;Password=*******;
I have also tried putting in the connectionstring into the web.config, manually, but that just makes the project load infinitely in the browser, when I run it.
It's starting to get frustrating, that I cannot even get past the configuration of Umbraco, because it look very cool. I have tried everything I was able to found online. Have anyone gone through this and know what I need to do ?
Start again - clear out and remove the umbracoDbDSN connection string entirely from your web.config and reset the umbracoConfigurationStatus AppSetting back to empty if it has been populated.
Use the Wizard to configure the database - if it's still having problems connecting then here's a few things to check:
Check the Log file here: ~/App_Settings/Logs/UmbracoTraceLog.txt - does that show up any errors?
Make sure you can connect to the database using other clients - if Umbraco can't connect to it, chances are something else won't be able to as well.
What happens if you use Integrated Authentication? If that works, then it's most likely an issue with the username and password you specified.
The password I had for the SQL Server user had a character that the installation UI didn't accept. I changed the password to remove special characters and it was able to connect to the server again. I could successfully log in through SSMS with the previous password.
I created a basic MVC app to do CRUD operations on database tables. I'm using Entity Framework Database First, so I was able to just scaffold out controllers and views very quickly.
We have a dev, qa, and prod database. The schema should be identical with only the data in each being different.
I want to create a dropdown that will let me change the connection string from the app. I'm not sure the best way to do this. It currently works just fine using the dev connection string, but if I manually change the database to qa from web.config, whenever I try to create or update an existing record from the app, I get this error:
"The UPDATE permission was denied on the object"
I don't get this error using the dev database.
The problem is with your database permissions.
Use the following link and go through the security/permissions and you will be able to solved the problem.
http://blog.sqlauthority.com/2012/04/23/sql-server-introduction-to-sql-server-security-a-primer/
Please verify that your user has the same permissions on qa/prod as it does in dev.
I am new to coding and everytime I ask a question I feel like stupid because I mostly am unfamiliar with most known things in this "industry" so I will sum up the whole situation fastly.
I learned how to code html css and js, I learned how to use VS 2012 asp.net mvc 4 and finally I made a webside for a student club I am into. Hosting is provided by our school and they only gave me ftp user name and password, I dont know which hosting firm is it or what is going on and so on, I got Filezilla to delete and unpublish the old webside, and I didnt know a proper way to publish asp.net websides through filezilla so I used VS 2012 publish tool.
I choosed FTP as publish method because I had ftp user name... I choosed relase as configuration and thats it ( I didnt open options here ) finally I could push on publish...
I faced 2 main problems so I couldnt publish
Problems I faced were;
1) While I was trying to publish I got an error like
" Validation (HTML5): Element 'a' must not be nested within element 'a button' "
I was trying to make a nav with sub items on it, It worked while I was trying it on local host I saw similar problems spoken out here on VS 2010 I tried to make exstensions to VS didnt work out
Anyway I deleted that part from the project and I tried publishing again.
2)It worked out perfect it seemed like no problem occoured. But when I try to open the webside it was saying I had no permisson to view.
I hope I didnt write any off topic staff here just try to tell you my problems so maybe someone can get help like I did from prior topics.
" Validation (HTML5): Element 'a' must not be nested within element 'a
button' "
You cannot have one anchor tag inside another anchor tag. If you have it that will cause you the problem.
Check out this thread to find out valid elements which can be nested inside an Anchor tag.
I had no permisson to view.
You need to give proper read/write permissions for the ApplicationPool Identity on the folder structure you have for your website. Or else IIS Apppool will not be able to get the files and execute them.
Give permissions to AppPool Identity for a particular folder/file. That resource will guide you one how to give you permissions to Application Pool Identity.
Alternatively you can give permissions from FileZilla itself. Simply right click the application root folder and select permissions. Then you can specify permissions from client side itself. But in most of the production cases, we have to add app pool user to the folder/file permissions list manually. But definitely give a try with FileZilla.
I've been trying to create an ASP.net - MVC app that uses entity framework to connect to an Azure database.
I used a database first method to try and create the Model, I was able to connect to my azure database and successfully create the model.
Everything was working perfectly and I was able to retrieve my values from my azure database then I tried to publish the website to an Azure website. The website works fine and I have the website registered as able to use the azure database. When I click on the button that hits the controller to access the database I then get "Sorry, an error occurred while processing your request."
When I looked into this a bit more I seen that when I created my Entity Data model using the wizard it created a connection string to a local db for my entity connection settings. I'm guessing this is saving some entity framework settings but my problem is obviously when I publish the website to Azure it can't access this local db.
Any suggestions on how to either get this DB onto Azure or avoid using this extra database?
Thanks
This is the best tool to migrate your local database to Azure. Before publishing your site change the web.config to point to the Azure database. It will solve your problem.
Like you already explained, it seems that you web.config still points to your local database. Try to look at your web.config and see if you have connection strings pointing to .\SQLExpress, localhost\SQLExpress, ".", ...
Then, like Geenthanga's explains, you need to modify this value before deploying (it should point to your SQL Azure database instead). But you shouldn't do this manually! Instead, consider using web.config transformations, as explained here: Web Deployment: Web.Config Transformation.
This way you can have 2 web.config transformation files:
Web.Debug.config: This file would contain the transformations to add the connection string pointing to your local database.
Web.Release.config: This file would contain the transformations to add the connection string pointing to SQL Azure.
I've been experimenting with ASP.Net MVC, and have come across a problem that is probably not specifically MVC related. But I cannot get the authentication in the default MVC application (the one created by the wizard when you create a new MVC project) to work properly under IIS 7 on Windows 7.
If I run under the Visual Studio environment, it works, but if I switch the settings to run under IIS instead, I get the following exception trying to submit the login or registration:
Failed to generate a user instance of
SQL Server due to failure in
retrieving the user's local
application data path. Please make
sure the user has a local user profile
on the computer. The connection will
be closed.
I believe that this is because the website runs under my own account in Visual Studio, but under the IUSR account in IIS. Google searches on the exception message have been unhelpful so far.
So, can one create a local user profile for the IUSR account? If so, how? Is there something else I should be doing to get the SQLExpress engine to work under the anonymous account in IIS 7?
I also tried configuring the IIS website to use my account, but since this is my home machine, my account doesn't have a password, and it appears that IIS won't let a website be configured to use an account without a password. Or, since this is my first experience with IIS 7, and configuration feels very different than IIS 5/6, I am just missing the right setting that will let me configure the account to use for anonymous access.
EDIT: Some additional information. If I empty the App_Data folder and try again from IIS, SQLExpress attempts to create my database and fails, but the exception message has further information with the following suggestions.
SQLExpress database file auto-creation
error:
The connection string specifies a
local Sql Server Express instance
using a database location within the
applications App_Data directory. The
provider attempted to automatically
create the application services
database because the provider
determined that the database does not
exist. The following configuration
requirements are necessary to
successfully check for existence of
the application services database and
automatically create the application
services database:
If the applications App_Data directory does not already exist, the
web server account must have read and
write access to the applications
directory. This is necessary because
the web server account will
automatically create the App_Data
directory if it does not already
exist.
If the applications App_Data directory already exists, the web
server account only requires read and
write access to the applications
App_Data directory. This is necessary
because the web server account will
attempt to verify that the Sql Server
Express database already exists within
the applications App_Data directory.
Revoking read access on the App_Data
directory from the web server account
will prevent the provider from
correctly determining if the Sql
Server Express database already
exists. This will cause an error when
the provider attempts to create a
duplicate of an already existing
database. Write access is required
because the web server accounts
credentials are used when creating the
new database.
Sql Server Express must be installed on the machine.
The process identity for the web server account must have a local user
profile. See the readme document for
details on how to create a local user
profile for both machine and domain
accounts.
I've pretty extensively confirmed that the first three suggestions have been satisfied. The fourth seems to be the cause of my problems, but I can't figure out how to do that. And although the suggestion claims there is a readme document that describes it, I have not been able to find that document.
I got this problem as well running under medium trust. The process that creates the database requires at least High trust. You can check this by looking in your Web.Config for
<trust level="TrustLevel" />
If there is no trust specified in your Web.Config, try adding it and set it to either Full or High. If this doesn't work, there is a machine.config in your IIS which you would need to modify.
That being said, the best route I have found to solve this is to just use aspnet_regsql.exe to create the necessary tables and then change the connection string in your Web.Config to look at it directly.
I solved "The directory 'LocalApplicationData' does not exist." error when running an SSIS package through an SQL Job by ensuring the SQL SSIS service and SQL Server Agent service were running under the same account as the swql job was set to use!
This in my case was a domain account.
Solution: Try UNINSTALLING any updates before you started experiencing the issue. I spent countless hours - wasted hours that I will never get back in my life - reading and following every solution possible without success. I uninstalled all SQL Server updates and now everything works fine.