I wrote a WCF C# client that consumes a Java webservice:
var client = new abcClient("abc");
var response = client.AbcTransaction(msg);
The WCF binding info from web.config is:
<customBinding>
<binding name="abcSOAP">
<textMessageEncoding messageVersion="Soap12" />
<httpsTransport requireClientCertificate="true" />
</binding>
</customBinding>
It looks pretty straight-forward, right? ...And indeed, SoapFaults are easy to consume:
HTTP/1.1 500 Internal Server Error
Content-Length: 783
Content-Type: application/soap+xml;charset=UTF-8
Server: Microsoft-IIS/8.0
Date: Mon, 18 Nov 2013 14:06:18 GMT
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
<soap:Body><soap:Fault>...
However, the webservice sends "regular" responses in the multipart/related content-type:
HTTP/1.1 200 OK
Content-Type: multipart/related; type="application/xop+xml"; boundary="uuid:c79210c3-bbef-4aa3-82ae-6a20c7a96564"; start="<root.message#cxf.apache.org>"; start-info="application/soap+xml"
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.0
Date: Mon, 18 Nov 2013 14:11:25 GMT
Content-Length: 658
--uuid:c79210c3-bbef-4aa3-82ae-6a20c7a96564
Content-Type: application/xop+xml; charset=UTF-8; type="application/soap+xml";
Content-Transfer-Encoding: binary
Content-ID: <root.message#cxf.apache.org>
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">...
This leads to a ProtocolException in the WCF client because the WCF client does not expect a multipart/related answer. The ProtocolException message is (in German):
Der Inhaltstyp "multipart/related; type="application/xop+xml";
boundary="uuid:ead716a3-4b8b-4207-ad66-b9f18ae368b2";
start="";
start-info="application/soap+xml"" der Antwortnachricht stimmt nicht
mit dem Inhaltstyp der Bindung (application/soap+xml; charset=utf-8)
überein. Wenn Sie einen benutzerdefinierten Encoder verwenden, sollten
Sie sicherstellen, dass die IsContentTypeSupported-Methode korrekt
implementiert ist. Die ersten 1024 Bytes der Antwort waren: ...
In English:
The content type "multipart/related; type="application/xop+xml";
boundary="uuid:ead716a3-4b8b-4207-ad66-b9f18ae368b2";
start="";
start-info="application/soap+xml"" of the response message
does not match the content type of the binding (application/soap+xml; charset=utf-8). If using a custom encoder, be sure that the
IsContentTypeSupported method is implemented properly. The first 1024
bytes of the response were: ...
Does anyone have an idea how I can consume this multipart/related message with a WCF client (without using the HttpWebRequest class)? Is there any configuration available for this szenario?
Max' and Mehmet's hints showed the right direction but I had to change a bit more.
Since I used the element in , the wcf configuration ignored the messageEncoding="Mtom" attribute.
Instead of using attribute, it seems better to use the element directly:
<binding name="energylinkSOAP">
<mtomMessageEncoding messageVersion="Soap12" />
<httpsTransport requireClientCertificate="true" />
</binding>
By that you also can define more configurations, such as messageVersion.
I think that converting system into to MTOM will work for that.
Related
I have a client that sends a simple web request to a SOAP service. It is a simple C# program that uses the WSDL file of the service to create a client. The service is hosted on IIS 8.5 and Windows Server 2012. It works fine when using anonymous authentication but it fails with Windows authentication. Both client and service are in the same domain, user permissions are also fine.
I configured IIS so that it disables all forms of authentication except Windows authentication (Negotiate, NTLM). The client is configured so that it uses Windows as the client credential type.
When I send a request I get the following error:
"The HTTP request is unauthorized with client authentication scheme 'Negotiate'. The authentication header received from the server was 'Negotiate, NTLM'"
I then tried out a tool I found on github called "WebServiceStudio". With that tool I set the WSDL, selected my request method and it worked, even with Windows authentication.
I looked at both attempts with Wireshark and noticed that the WebServiceStudio request immediately sends the Negotiate token with the first request while my own client sends the token in the second request, which to my understanding is how Windows authentication usually works.
I tried on IIS side but nothing worked so far:
Changed authentication order (Negotiate, NTLM and NTLM, Negotiate)
Changed authentication to only Negotiate
Changed extended protection in the advanced settings (neither option made a difference)
Verified that the WindowsAuthentication and WindowsAuthenticationModule were both installed
My goal is that my own C# client can successfully authenticate with Windows authentication.
Here's the C# client's configuration:
<configuration>
<startup>
<supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.0"/>
</startup>
<system.serviceModel>
<client>
<endpoint address="server address" binding="basicHttpBinding"
bindingConfiguration="MyContractSoap" contract="MyContract.MyContractSoap" />
</client>
<bindings>
<basicHttpBinding>
<binding name="MyContractSoap">
<readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
maxBytesPerRead="4096" maxNameTableCharCount="16384" />
<security mode="TransportCredentialOnly">
<transport clientCredentialType="Windows" proxyCredentialType="Windows" />
</security>
</binding>
</basicHttpBinding>
</bindings>
</system.serviceModel>
</configuration>
And here is the wireshark data of my client's request:
POST /ABC/ShipmentDocuments.asmx HTTP/1.1
Content-Type: text/xml; charset=utf-8
SOAPAction: "ABC/DocumentShipped"
Host: sdespte3
Content-Length: 333
Expect: 100-continue
Accept-Encoding: gzip, deflate
<!-- Server rejects request and states authentication method -->
HTTP/1.1 401 Unauthorized
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Tue, 18 Feb 2020 10:20:01 GMT
Content-Length: 1344
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>401 - Nicht autorisiert: Zugriff aufgrund ung.ltiger Anmeldeinformationen verweigert.</title>
</head>
<body>
<div id="header"><h1>Serverfehler</h1></div>
<div id="content">
<div class="content-container"><fieldset>
<h2>401 - Nicht autorisiert: Zugriff aufgrund ung.ltiger Anmeldeinformationen verweigert.</h2>
<h3>Die angegebenen Anmeldeinformationen berechtigen Sie nicht, dieses Verzeichnis oder diese Seite anzuzeigen.</h3>
</fieldset></div>
</div>
</body>
</html>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body>Request data here</s:Body></s:Envelope>
<!-- We send the negotiate token -->
POST /ABC/ShipmentDocuments.asmx HTTP/1.1
Content-Type: text/xml; charset=utf-8
SOAPAction: "ABC/DocumentShipped"
Accept-Encoding: gzip, deflate
Authorization: Negotiate YIIHog...Token here
Host: abc
Content-Length: 333
Expect: 100-continue
<!-- Rejected again, unsure why -->
HTTP/1.1 401 Unauthorized
Cache-Control: private
Content-Type: text/html
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
WWW-Authenticate: Negotiate
WWW-Authenticate: NTLM
X-Powered-By: ASP.NET
Date: Tue, 18 Feb 2020 10:20:01 GMT
Content-Length: 1344
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"/>
<title>401 - Nicht autorisiert: Zugriff aufgrund ung.ltiger Anmeldeinformationen verweigert.</title>
<style type="text/css">
And finally the wireshark data of the other tool that worked:
POST /ABC/ShipmentDocuments.asmx HTTP/1.1
Content-Type: text/xml; charset=utf-8
SOAPAction: "ABC/DocumentShipped"
Authorization: Negotiate YIILV...Token here
Host: sdespiis1
Content-Length: 415
Expect: 100-continue
HTTP/1.1 100 Continue
<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body>Request body here</soap:Body></soap:Envelope>
<!-- Accepted -->
HTTP/1.1 200 OK
Cache-Control: private, max-age=0
Content-Type: text/xml; charset=utf-8
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
Persistent-Auth: false
X-Powered-By: ASP.NET
WWW-Authenticate: Negotiate oYG2MIGzo... Token here
Date: Tue, 18 Feb 2020 15:24:39 GMT
Content-Length: 295
<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body>Body here</soap:Body></soap:Envelope>
Update: Here is the client's source code to call the service.
Program:
class Program
{
static void Main(string[] args)
{
sendWebRequest();
}
static int _orderId = 1;
static int _mandant = 1;
static string _sId = "0123456789012345678901";
static string _isShipped = "eingeliefert";
static void sendWebRequest()
{
Console.WriteLine("Start webrequest Orderid: {0}, mandant: {1}, sId: {2}, isShipped: {3}", _orderId, _mandant, _sId, _isShipped);
WebserviceManager wm = new WebserviceManager();
wm.Open();
wm.SetStateToShipped(_orderId, _mandant, _sId, _isShipped);
wm.Close();
Console.WriteLine("Webrequest erfolgreich");
}
}
WebserviceManager:
public class WebserviceManager
{
protected MyContract.MyContractSoapClient _soapClient;
public WebserviceManager()
{
}
public void Open()
{
_soapClient = createWebServiceClient();
try
{
_soapClient.Open();
}
catch (Exception ex)
{
Logging.Error("Open", ex);
throw ex;
}
Logging.Info("_soap-Client open");
}
public void Close()
{
_soapClient.Close();
}
public void SetStateToShipped(int orderNo, int mandant, string sId, string isShipped)
{
_soapClient.DocumentShipped(orderNo, mandant, sId, isShipped);
}
protected MyContract.MyContractSoapClient createWebServiceClient()
{
return new MyContract.MyContractSoapSoapClient();
}
}
So it looks like the impersonation was not properly set up. I added the following line in my client program, right after creating the client object:
protected MyContract.MyContractSoapClient createWebServiceClient()
{
var client = new MyContract.MyContractSoapSoapClient();
client.ClientCredentials.Windows.AllowedImpersonationLevel = TokenImpersonationLevel.Impersonation;
return client;
}
And now Windows authentication works as expected!
I have a Winform Application that I can use TCP client to connect to WCF service, but I don't know how to call its function.
I've been looking at sending SOAP-XML request to WCF service through TCP client, but always get "Bad Request" respond.
Here's my request:
POST /MyService.svc HTTP/1.1
Host: MyHost.com
Content-Type: text/xml; charset=utf-8
Content-Length: 700
SOAPAction: "http://MyHost.com/MyService/MyFunction"
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance
xmlns:xsd=http://www.w3.org/2001/XMLSchema
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<Action soap:must Understand="1"
xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">
http://MyHost.com/MyService/MyFunction
</Action>
</soap:Header>
<soap:Body>
<MyFunction xmlns="http://MyHost.com/">
</MyFunction>
</soap:Body>
And here's response:
HTTP/1.1 400 Bad Request
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 07 Jul 2015 01:32:13 GMT
Connection: close
Content-Length: 339
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Bad Request</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Bad Request - Invalid Header</h2>
<hr><p>HTTP Error 400. The request has an invalid header name.</p>
</BODY></HTML>
I am using the Spring.Net Framework (spring.rest, spring.social.core and spring.social.twitter (2.x - oauth 1.0a) with c#.
The idea of the application will be for an event, people can link their twitter account to the event and as results are received for that person. The persons result it posted to their twitter account.
It will be made up of a website where users will register and give access. Then a console application which will process results (using the saved token set to post to registered users.
I have a web mvc application that asks a user to sign in and authorise an application so that it can post on behalf of the user. This information returned (token etc) is encrypted and kept in a db linked to the user. e.g. Our website - redirect to callback url - twitter - sign in +permission - back to callback url - store token info in db encrypted.
I then have a console application (eventually a service) which looks at results, when we have a result for a person with twitter account associated and permission given. We use that information to post to their account (their result).
The sign up process works fine, and i can post to the signed up person. saying they've registered. (website)
The console application initially worked to be able to post up results.
However, suddenly I am getting ( i think this is just a time frame (approx an hour) - works soon as a they register.)
"POST request for 'https://api.twitter.com/oauth/access_token' resulted in 401 - Unauthorized (Authorization Required)."
Linked to a user (in our system) - i am encrypting and storing verifier (from callback), secret and value. I then am using this to exchange for a access token to get secret and value to be able to post.
This is currently all a demo (going to 127.0.0.1) for a proof of concept.
So far only tried all this with the Spring.Social framework (c#)
When it works via console application -- RAW -
REQUEST
POST https://api.twitter.com/oauth/access_token HTTP/1.1
Accept: application/x-www-form-urlencoded,multipart/form-data,/
Authorization: OAuth oauth_consumer_key="xxxxxxxxxxxxxxxxxxxxxxxxxxxx"
, oauth_signature_method="HMAC-SHA1"
, oauth_timestamp="1417007918"
, oauth_nonce="1784014115"
, oauth_version="1.0"
, oauth_token="yyyyyyyyyyyyyyyyyyyyyyyyyyy"
, oauth_verifier="zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz"
, oauth_signature="vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv"
Content-Type: application/x-www-form-urlencoded
Host: api.twitter.com
Content-Length: 0
Connection: Keep-Alive
RESPONSE
HTTP/1.1 200 OK
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 167
content-security-policy: default-src https:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; report-uri https://twitter.com/i/csp_report?a=NVXW433SMFUWY%3D%3D%3D&ro=false;
content-type: text/html; charset=utf-8
date: Wed, 26 Nov 2014 13:18:40 UTC
etag: "fbf12c0103c8a9a4e85476ebc4a721fb"
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Wed, 26 Nov 2014 13:18:39 GMT
pragma: no-cache
server: tsa_b
set-cookie: twittersess=BAh7BzoPY3JlYXRlZF9hdGwrCAnzQOxJAToHaWQiJTZjODM4ZWMwZDg4ZjY0%250ANGFjYWE0N2M1YWU0MmMzNmZl--af2ffe955256e30da84bc52b585d7c30b6926284; domain=.twitter.com; path=/; secure; HttpOnly
set-cookie: guest_id=v1%3A141700791973784560; Domain=.twitter.com; Path=/; Expires=Fri, 25-Nov-2016 13:18:40 UTC
status: 200 OK
strict-transport-security: max-age=631138519
vary: Accept-Encoding
x-connection-hash: bd73d7f87abb9c16caef67f675d8641b
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-mid: 4e5118e4376219e001674f1292c123965885210f
x-runtime: 0.10480
x-transaction: d24c3b12ea39be37
x-ua-compatible: IE=edge,chrome=1
x-xss-protection: 1; mode=block
oauth_token=xxxxx-xxxxxxxxxxxxxxxxxxxxxx&oauth_token_secret=yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy&user_id=2xxxxxxxxxxxxxx&screen_name=naxxxxxx
After about an hour(couple of hours in this instance) same code will fail.... with HTTP/1.1 401 Authorization Required - Invalid / expired Token.
REQUEST
POST https://api.twitter.com/oauth/access_token HTTP/1.1
Accept: application/x-www-form-urlencoded,multipart/form-data,*/*
Authorization: OAuth oauth_consumer_key="xxxxxxxxxxxxxxxxxxxxxxxxxxxx"
, oauth_signature_method="HMAC-SHA1"
, oauth_timestamp="1417018992"
, oauth_nonce="2294192392"
, oauth_version="1.0"
, oauth_token="yyyyyyyyyyyyyyyyyyyyyyyyyyy"
, oauth_verifier="zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz"
, oauth_signature="vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv"
Content-Type: application/x-www-form-urlencoded
Host: api.twitter.com
Content-Length: 0
Connection: Keep-Alive
RESPONSE
HTTP/1.1 401 Authorization Required
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-length: 136
content-security-policy: default-src https:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data:; media-src https:; object-src https:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; report-uri https://twitter.com/i/csp_report?a=NVXW433SMFUWY%3D%3D%3D&ro=false;
content-type: text/html; charset=utf-8
date: Wed, 26 Nov 2014 16:23:13 UTC
expires: Tue, 31 Mar 1981 05:00:00 GMT
last-modified: Wed, 26 Nov 2014 16:23:13 GMT
pragma: no-cache
server: tsa_b
set-cookie: _twitter_sess=BAh7CDoPY3JlYXRlZF9hdGwrCEzs6exJAToHaWQiJWI5MDgzMzk0Y2FhMGY2%250AMGNlNmEyYzQzZjk5OGEyNjAyIgpmbGFzaElDOidBY3Rpb25Db250cm9sbGVy%250AOjpGbGFzaDo6Rmxhc2hIYXNoewAGOgpAdXNlZHsA--86562a75e3ddabab3c688e726e6c42fe37a067ea; domain=.twitter.com; path=/; secure; HttpOnly
set-cookie: guest_id=v1%3A141701899357688419; Domain=.twitter.com; Path=/; Expires=Fri, 25-Nov-2016 16:23:13 UTC
status: 401 Unauthorized
strict-transport-security: max-age=631138519
vary: Accept-Encoding
www-authenticate: OAuth realm="https://api.twitter.com"
x-connection-hash: 24d849ec3bead25133b581794d34c74f
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-mid: aed281dc4b2e3fb483737ccd772ce1d8d3f6064d
x-transaction: d41ff14981c7a0ec
x-ua-compatible: IE=edge,chrome=1
x-xss-protection: 1; mode=block
<?xml version="1.0" encoding="UTF-8"?>
<hash>
<error>Invalid / expired Token</error>
<request>/oauth/access_token</request>
</hash>
Can anyone help or advice on what I should be persisting to be able to post on behalf of a user - once they've given us permission from a service or console application.
Thanks in advance.
I managed to solve issue. I removed Spring.Social from equation and wrote some quick code to talk to Twitter API without a framework, this gave me a better understanding of what the steps and process were.
Using this I then re-added the framework and I think I use it correctly now. As it all works.
My issue was that once I got my request token+verifier - supplying callback, consumer etc. I then used that to get an access token to perform posts etc.
However, every time I attempted to post I tried to exchange request token value + secret and verifier to get the access token. This eventually fails.
I changed code to save returned access token and just use that directly, works fine now.
I'm programmatically trusting my yammer app through .NET. While debugging the POST request to trust an app, the responses can seemingly arbitrarily render either a 302 or a 404 as the response tries to redirect to a SharePoint MySite host.
If I during the same debug session loop my requests, I get the same type of response. I have to restart debugging to have a chance at a different response. I have tried setting minute long sleeps to ensure that time has nothing to do with which type of response I get. Same rule seem to apply: One debug session, one response type.
My question is now: What do I need to do to avoid these 404's?
Here's the fiddler responses:
THE 302 RESPONSE:
POST https://www.yammer.com/MYNETWORK/oauth2/decision?client_id=MYAPPCODE&redirect_uri=http%3a%2f%2fmy.devmachine.contoso.com&response_type=code HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: www.yammer.com
Cookie: yamtrak_id=[GUID]; _workfeed_session_id=[ID] Content-Length: 90
Expect: 100-continue
utf8=%E2%9C%93&authenticity_token=[TOKEN]=&allow=Allow
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 29 Sep 2014 13:21:51 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: close
Status: 302 Found
Location: http://my.devmachine.contoso.com?code=[CODE] X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Frame-Options: SAMEORIGIN
Cache-Control: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-UA-Compatible: IE=Edge,chrome=1
Set-Cookie: yamtrak_id=[ID]; path=/; expires=Tue, 29-Sep-2015 13:21:51 GMT; secure; HttpOnly
Set-Cookie: auth_token=; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
Set-Cookie: auth_token_sso=; domain=yammer.com; path=/; expires=Thu, 01-Jan-1970 00:00:00 GMT; secure
X-Date: 1411996911966
X-Runtime: 0.073263
7e
<html><body>You are being redirected.</body></html>
0
THE 404 RESPONSE:
POST https://www.yammer.com/MYNETWORK/oauth2/decision?client_id=MYAPPCODE&redirect_uri=http%3a%2f%2fmy.devmachine.contoso.com&response_type=code HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Host: www.yammer.com
Cookie: yamtrak_id=[GUID]; _workfeed_session_id=[ID]
Content-Length: 90
Expect: 100-continue
utf8=%E2%9C%93&authenticity_token=[TOKEN]=&allow=Allow
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 29 Sep 2014 13:26:03 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Status: 404 Not Found
Cache-Control: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
X-UA-Compatible: IE=Edge,chrome=1
X-Date: 1411997163223
X-Runtime: 0.068703
a45
<!DOCTYPE html>
<html>
<head>
<meta http-equiv="X-UA-Compatible" content="IE=8,chrome=1" />
<meta http-equiv="content-type" content="text/html;charset=UTF-8" />
<title>The page you were looking for doesn't exist (404)</title>
<link href="/stylesheets/yamkit/yam.css" media="screen, projection" rel="stylesheet" type="text/css" />
<style type="text/css">
body {
...
<div id="parallax-static">
<div id="parallax-static-text">
<h1>Oops!</h2>
<h2>The page you were looking for could not be found.</h2>
Let's go back to your happy place.
</div>
</div>
...
</body>
</html>
0
I'm aware of the other yammer threads in this forum, and I'm using the new login_csrf_token cookie to authenticate, so that shouldn't be the issue.
Thanks for Reading! I'm grateful for any suggestion on how to solve this.
EDIT: I've tried setting another site (google) as my redirect url, but the alternating behaviour persists.
Found it: Turns out that sometimes the authenticity token contains plus characters (+) which needs to be URL encoded. The tokens can also contain front slashes (/) but they don't trip up the succeeding call to /session or /oauth2/decision, only plus does.
I am working on a sample project using WebApi2 with MVC with Angular and D3 api. I am facing an issue with my WebApi. Everything working fine on local machine with Azure database connection string but when i publish the same on Azure my HttpPost stops working while HttpGet is working fine.
[HttpPost]
[Route("api/dashboard/addnewassignment")]
public WebApiD3Sample.ViewModels.CoursePersonAssignmentModel AddNewCoursePersonAssignment([FromBody]WebApiD3Sample.ViewModels.CoursePersonAssignmentModel model)
{
if (ModelState.IsValid) {
var modelAfterSave = AssignmentService.AddAssignment(model);
return modelAfterSave;
}
ModelState.AddModelError("Invalid", "Not a Valid Save");
return model;
}
Error that i am facing on published
Failed to load resource: the server responded with a status of 500 (Internal Server Error)
http://sampledataweb.azurewebsites.net/api/dashboard/addnewassignment
Object
message: "An error has occurred."
__proto__: Object
I could send a post to your URL:
Status Code: 200 OK
Access-Control-Allow-Headers: Origin,X-Requested-With,Content-Type,Accept
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Content-Encoding: gzip
Content-Length: 123
Content-Type: application/json; charset=utf-8
Date: Thu, 06 Mar 2014 18:48:25 GMT
Expires: -1
Pragma: no-cache
Server: Microsoft-IIS/8.0
Set-Cookie: ARRAffinity=dbb5756ce35e0494cf70c90b9aba80f70f92f607fb3ebb3e7dffe4ecc1aba24a;Path=/;Domain=sampledataweb.azurewebsites.net WAWebSiteSID=696c72c37b2e472b90f6033923558edd; Path=/; HttpOnly
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
so the problem is in your CoursePersonAssignmentModel or AssignmentService.AddAssignment method. Install a nuget to log (i.e Elmah) and it will help you to catch the error. Another great option, you can debug using intellitrace: http://blogs.msdn.com/b/zainnab/archive/2013/02/12/understanding-intellitrace-part-i-what-the-is-intellitrace.aspx
It doesn't appear to be a cross domain issue, but just to make sure, did you allow it in your web.config?
<system.webServer>
<httpProtocol>
<customHeaders>
<remove name="Access-Control-Allow-Origin" />
<remove name="Access-Control-Allow-Headers" />
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Headers" value="Origin,X-Requested-With,Content-Type,Accept" />
</customHeaders>
</httpProtocol>
</system.webServer>