I am trying to connect to Azure Active Directory from an ASP.NET application. I am following this article by Microsoft to write the code:
https://learn.microsoft.com/en-us/azure/active-directory/develop/quickstart-v2-aspnet-webapp#prerequisites
Below are my values I am putting in the application:
<add key="ClientId" value="XXXXXXXXXX" />
<add key="Tenant" value="XXXXXXXXXXXXXXXXXXXX" />
<add key="Authority" value="https://login.microsoftonline.com/{0}/v2.0" />
<add key="redirectUri" value="https://localhost:5000/" />
For my redirect URI, I use https://localhost:5000/. This is what I configured in my App registrations in the Azure portal. When I run my application, I get this error:
When I change the redirectUri to https://localhost:44368/ then I can see the Microsoft login and Microsoft accepts the userId too, but I get an error after inputting my password saying :
AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application:
Any help will be highly appreciated.
The error says it all. You have to check in App Registrations > Manage > Authentication > Redirect URL and see if the URL https://localhost:44368/ is configured there or not. If its configured, you will be able to get the required response for sure.
Related
I am deploying my ASP.NET application on IIS. Everything works well when I run it on Visual Studio with IIS Express but when I use IIS, the event viewer shows this error.
I added a login on SQL Server but still get the same error
Any idea on what I could be missing?
Grand DB_Owner permission for "IIS APPPOOL\test.bata.com". also check the connection string in web.config file
You can try to use custom identity in application pool with the windows user name password and use this string in web.config file.
<add name="umbracoDbDSN" connectionString="data source=YOUR_SERVER_NAME;database=nrc;Integrated Security=SSPI;persist security info=True;" providerName="System.Data.SqlClient" />
For more detailed steps you can refer to this link: https://forums.iis.net/t/1249665.aspx
i want to configure multi-developer development environment for a web site in EPi server 8. i have followed this article to do this(i guess that's the only article provided on web for this purpose :-) )
i have moved my EPi Server database and VPP folder(Modules/_protected) to a shared location
I have changed following physical paths web.config
<episerver.packaging protectedVirtualPath="~/EPiServer/" protectedPath="\\location\Modules\_Protected" publicVirtualPath="~/modules/" publicPath="modules" />
<virtualPathProviders>
<clear />
<add name="ProtectedModules" virtualPath="~/EPiServer/" physicalPath="\\location\Modules\_Protected" type="EPiServer.Web.Hosting.VirtualPathNonUnifiedProvider, EPiServer.Framework" />
</virtualPathProviders>
I have restarted IIS as well but still website tries to access EPiServer.Cms.Shell.UI.zip from old location which is [websiterootfolder]\modules_protected\CMS
Can anyone please help????
I'm having some trouble accessing the AWS credentials in the SDK Store, but it seems to only be a problem when running under IIS. If I hit the same code by invoking an NUnit test with ReSharper the dependency injection works and the S3 client is able to authenticate.
IAmazonS3 s3Client = new AmazonS3Client();
Has anyone else run into this problem? How were you able to get the dependency injection to work?
[Edit]
The credential file approach has been recommended for use with IIS because the SDK Store encrypts the credentials differently for each user. I can only get a credentials file to work if I hard-code the path in the appSettings which I do not want to do.
Where would the SDK look for the credentials file besides the below paths?
C:\Users\<IIS_app_name>\.aws\credentials
C:\Users\<my_domain_user>\.aws\credentials
The question was answered under Pavel's answer, but I'll post an answer to make the information easier to consume. You can specify the credentials file location in the webLocal.config (I wasn't able to get it to work without that). When the app is deployed, the credentials file location will be an invalid path, and the SDK will fail over to using the IAM role for the EC2 instance.
webLocal.config
<?xml version="1.0"?>
<appSettings>
<!-- AWS -->
<add key="AWSProfilesLocation" value="C:\Users\<IIS_app_name>\.aws\credentials" />
<add key="AWSRegion" value="us-west-2" />
<add key="S3Bucket" value="bucket." />
</appSettings>
The dependency injection will work when you instantiate a client without arguments.
IAmazonS3 s3Client = new AmazonS3Client();
The SDK Store saves the credentials under the C:\Users\<username>\AppData\Local\AWSToolkit folder, so unless IIS is being run under the same account as the NUnit tests, IIS will not be able to access the same credentials.
This blog discusses the various options for storing and using credentials. In your case, it looks like a better option would be to use the credentials file.
I'm having trouble accessing a network share using ASP.net C#.
I've used the identity in web.config
<identity impersonate="true" userName="username" password="password" />
And changed the machine.config file. I've also enabled impersonation in IIS.
I try to use this code:
System.IO.Directory.CreateDirectory("\\\\networklocation\\test");
And I get the following error:
Parser Error Message: Could not create Windows user token from the credentials specified in the config file. Error from the operating system 'Logon failure: unknown user name or bad password.
The network share location has access to all users (everyone account).
Any ideas whats going wrong here?
Are you specifying the correct domain for the user?
<identity impersonate="true"
userName="domain\user"
password="password" />
why do you use impersonation if everyone account is active ?
remove the impersonation Section
I'm using the following code to authenticate via Kerberos.
IntPtr logonToken = WindowsIdentity.GetCurrent().Token;
string authenticationType = "WindowsAuthentication";
WindowsIdentity windowsIdentity = new WindowsIdentity(logonToken, authenticationType);
//windowsIdentity.Name == equals "IIS APPPOOL\Classic .NET AppPool" when I want it to be the user
This only happens when I try and run my .NET application the Web Server. If I run the code locally on my machine for debugging, it shows my userid in the Name property. Any suggestions on how to get this working on a web server?
You need to enable impersonation in web.config:
To configure ASP.NET to impersonate the Windows identity supplied by IIS as the WindowsIdentity for the ASP.NET application, edit the Web.config file for the application and set the impersonate attribute of the identity configuration element to true, as shown in the following example.
<configuration>
<system.web>
<identity impersonate="true" />
</system.web>
</configuration>
When you run the code locally for debugging you're probably using the web dev server that runs as your logged-in user, which is why you'll see the correct user in debug.
Your problem is, your IIS server runs under its own identity, not yours. Therefore, WindowsIdentity.GetCurrent().Token returns IIS work process' identity.
You can configure your website to run under different identity (including yours) using IIS Manager console: