Tridion Docs 14.2 STS setup

Hi All, we are moving our Tridion Docs 14 auth from ADFS to STS and are running into an issue with "Bad Key". We validated that the cert can encrypt and decrypt tokens, so we are not sure what we are missing. Here is the detailed error. TIA.

11:45:30.4026	Debug	11	00015	a:UC:Admin	/ISHSTS/account/signin	Trisoft.InfoShare.API25.User.GetMyMetadata()		[MethodEnter(00082)]	
11:45:30.5475	Debug	11	00015	a:UC:Admin	/ISHSTS/account/signin	Trisoft.InfoShare.API25.User.GetMyMetadata()		[MethodExit(00082)]	144.8805ms
11:45:30.5726	Error	11	00015	a:UC:Admin	/ISHSTS/account/signin	Trisoft.Utilities.Logging.Web.Modules.ErrorModule.OnContextError	(httpStatusCode=[null],statusCode=[null],urlReferer=[null])	[]	
11:45:30.5726	Error	11	00015	a:UC:Admin	/ISHSTS/account/signin	Trisoft.Utilities.Logging.Web.Modules.ErrorModule.OnContextError		[]	
System.Security.Cryptography.CryptographicException: Bad Key.

   at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
   at System.Security.Cryptography.RSACryptoServiceProvider.EncryptKey(SafeKeyHandle pKeyContext, Byte[] pbKey, Int32 cbKey, Boolean fOAEP, ObjectHandleOnStack ohRetEncryptedKey)
   at System.Security.Cryptography.RSACryptoServiceProvider.Encrypt(Byte[] rgb, Boolean fOAEP)
   at System.Security.Cryptography.CngLightup.OaepSha1Encrypt(RSA rsa, Byte[] data)
   at System.IdentityModel.RsaEncryptionCookieTransform.Encode(Byte[] value)
   at System.IdentityModel.Tokens.SessionSecurityTokenHandler.ApplyTransforms(Byte[] cookie, Boolean outbound)
   at System.IdentityModel.Tokens.SessionSecurityTokenHandler.WriteToken(XmlWriter writer, SecurityToken token)
   at System.IdentityModel.Tokens.SessionSecurityTokenHandler.WriteToken(SessionSecurityToken sessionToken)
   at System.IdentityModel.Services.SessionAuthenticationModule.WriteSessionTokenToCookie(SessionSecurityToken sessionToken)
   at Thinktecture.IdentityServer.Protocols.AuthenticationHelper.SetSessionToken(String userName, String authenticationMethod, Boolean isPersistent, Int32 ttl, IEnumerable`1 additionalClaims)
   at Thinktecture.IdentityServer.Protocols.AccountControllerBase.SignIn(String userName, String authenticationMethod, String returnUrl, Boolean isPersistent, Int32 ttl, IEnumerable`1 additionalClaims)
   at Thinktecture.IdentityServer.Web.Controllers.AccountController.SignIn(SignInModel model)
   at lambda_method(Closure , ControllerBase , Object[] )
   at System.Web.Mvc.ActionMethodDispatcher.Execute(ControllerBase controller, Object[] parameters)
   at System.Web.Mvc.ReflectedActionDescriptor.Execute(ControllerContext controllerContext, IDictionary`2 parameters)
   at System.Web.Mvc.ControllerActionInvoker.InvokeActionMethod(ControllerContext controllerContext, ActionDescriptor actionDescriptor, IDictionary`2 parameters)
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c.<BeginInvokeSynchronousActionMethod>b__9_0(IAsyncResult asyncResult, ActionInvocation innerInvokeState)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResult`2.CallEndDelegate(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethod(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.<>c__DisplayClass11_0.<InvokeActionMethodFilterAsynchronouslyRecursive>b__0()
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.<>c__DisplayClass11_2.<InvokeActionMethodFilterAsynchronouslyRecursive>b__2()
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.<>c__DisplayClass11_2.<InvokeActionMethodFilterAsynchronouslyRecursive>b__2()
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.<>c__DisplayClass11_2.<InvokeActionMethodFilterAsynchronouslyRecursive>b__2()
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.<>c__DisplayClass11_2.<InvokeActionMethodFilterAsynchronouslyRecursive>b__2()
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.AsyncInvocationWithFilters.<>c__DisplayClass11_2.<InvokeActionMethodFilterAsynchronouslyRecursive>b__2()
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass7_0.<BeginInvokeActionMethodWithFilters>b__1(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResult`1.CallEndDelegate(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeActionMethodWithFilters(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass3_6.<BeginInvokeAction>b__4()
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.<>c__DisplayClass3_1.<BeginInvokeAction>b__1(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResult`1.CallEndDelegate(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
   at System.Web.Mvc.Async.AsyncControllerActionInvoker.EndInvokeAction(IAsyncResult asyncResult)
   at System.Web.Mvc.Controller.<>c.<BeginExecuteCore>b__152_1(IAsyncResult asyncResult, ExecuteCoreState innerState)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
   at System.Web.Mvc.Controller.EndExecuteCore(IAsyncResult asyncResult)
   at System.Web.Mvc.Controller.<>c.<BeginExecute>b__151_2(IAsyncResult asyncResult, Controller controller)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
   at System.Web.Mvc.Controller.EndExecute(IAsyncResult asyncResult)
   at System.Web.Mvc.Controller.System.Web.Mvc.Async.IAsyncController.EndExecute(IAsyncResult asyncResult)
   at System.Web.Mvc.MvcHandler.<>c.<BeginProcessRequest>b__20_1(IAsyncResult asyncResult, ProcessRequestState innerState)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncVoid`1.CallEndDelegate(IAsyncResult asyncResult)
   at System.Web.Mvc.Async.AsyncResultWrapper.WrappedAsyncResultBase`1.End()
   at System.Web.Mvc.MvcHandler.EndProcessRequest(IAsyncResult asyncResult)
   at System.Web.Mvc.MvcHandler.System.Web.IHttpAsyncHandler.EndProcessRequest(IAsyncResult result)
   at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
   at System.Web.HttpApplication.ExecuteStepImpl(IExecutionStep step)
   at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
HttpApplication.RecordError => HttpApplication.RaiseOnError => ErrorModule.OnContextError

  • Hi Akheil

    Not sure if this is the issue but in your web.config file, did you update the thumbprint value under the “TrustedIssuers” section?

    • If you are using ADFS, this should be the thumbprint of the certificate used by the ADFS server to sign tokens.
    • If you are using a Security Token Service (STS) hosted on the Tridion Docs server, the thumbprint should correspond to the certificate bound to port 443 on that server.

    This thumbprint should match the one specified earlier in the “serviceCertificate” element of the same web.config file.
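
The check suggested above can be scripted. The following PowerShell is an added example, not code from the thread or from the Tridion Docs product: it reads the two places in web.config that the reply names (the "serviceCertificate" element and the thumbprint under "trustedIssuers"), normalises both values the way a pasted thumbprint often needs (spaces, case, stray non-hex characters stripped), reports whether they agree, and, on a Windows box, confirms that the service certificate actually exists in LocalMachine\My with a private key and is not expired. The stack trace in the question shows the session cookie being RSA-encrypted by `RsaEncryptionCookieTransform` inside `SessionSecurityTokenHandler.WriteToken`, which is the code path that consumes that service certificate. The XPath assumes the standard WIF 4.5 layout (`serviceCertificate/certificateReference` with a `findValue` attribute, `trustedIssuers/add` with a `thumbprint` attribute); the file path in the comment, the sample config and the thumbprint values are constructed for illustration, and the port 443 lookup assumes a plain `0.0.0.0:443` HTTP.SYS binding.

```powershell
# Added example (not part of the original thread): cross-check WIF thumbprints
# in a Tridion Docs web.config and confirm the service certificate is usable.
param(
    # Assumed location; pass your own path, e.g. C:\InfoShare\Web\Author\ASP\web.config
    [string]$WebConfigPath
)

# Constructed sample so the script runs stand-alone. The findValue is written the
# way it often gets pasted from the certificate MMC: lower-case, space-separated.
$sampleConfig = @'
<configuration>
  <system.identityModel>
    <identityConfiguration>
      <issuerNameRegistry>
        <trustedIssuers>
          <add thumbprint="0A1B2C3D4E5F60718293A4B5C6D7E8F90A1B2C3D" name="https://sts.example.local/ISHSTS" />
        </trustedIssuers>
      </issuerNameRegistry>
    </identityConfiguration>
  </system.identityModel>
  <system.identityModel.services>
    <federationConfiguration>
      <serviceCertificate>
        <certificateReference x509FindType="FindByThumbprint"
          findValue="0a 1b 2c 3d 4e 5f 60 71 82 93 a4 b5 c6 d7 e8 f9 0a 1b 2c 3d"
          storeLocation="LocalMachine" storeName="My" />
      </serviceCertificate>
    </federationConfiguration>
  </system.identityModel.services>
</configuration>
'@

function Normalize-Thumbprint {
    param([string]$Value)
    # Keep hex digits only and compare upper-case: pasted thumbprints frequently
    # carry spaces or invisible characters that make an otherwise equal value differ.
    return (($Value -replace '[^0-9A-Fa-f]', '')).ToUpperInvariant()
}

function Get-WifThumbprints {
    param([xml]$Config)
    # Assumes the standard WIF 4.5 element layout; adjust the XPath if the file differs.
    $service = @($Config.SelectNodes('//serviceCertificate/certificateReference') |
        ForEach-Object { Normalize-Thumbprint $_.findValue })
    $issuers = @($Config.SelectNodes('//trustedIssuers/add') |
        ForEach-Object { Normalize-Thumbprint $_.thumbprint })
    [pscustomobject]@{ ServiceCertificate = $service; TrustedIssuers = $issuers }
}

function Test-ServiceCertificate {
    param([string]$Thumbprint)
    # The service certificate must resolve in the machine store with a private key,
    # otherwise the session cookie written by SessionSecurityTokenHandler cannot be handled.
    $cert = Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object { $_.Thumbprint -eq $Thumbprint }
    if (-not $cert) {
        return [pscustomobject]@{ Thumbprint = $Thumbprint; Found = $false; HasPrivateKey = $false; Expired = $null; Subject = $null }
    }
    [pscustomobject]@{
        Thumbprint    = $Thumbprint
        Found         = $true
        HasPrivateKey = $cert.HasPrivateKey
        Expired       = ($cert.NotAfter -lt (Get-Date))
        Subject       = $cert.Subject
    }
}

function Get-Port443CertHash {
    # Reads the certificate hash HTTP.SYS has bound to 0.0.0.0:443 (the IIS binding an
    # on-box STS would use). IP- or SNI-specific bindings need a different ipport/hostnameport.
    $out = netsh http show sslcert ipport=0.0.0.0:443 2>$null
    foreach ($line in $out) {
        if ($line -match 'Certificate Hash\s*:\s*([0-9A-Fa-f]+)') { return Normalize-Thumbprint $Matches[1] }
    }
    return $null
}

$config = if ($WebConfigPath) { [xml](Get-Content -Path $WebConfigPath -Raw) } else { [xml]$sampleConfig }
$tp = Get-WifThumbprints -Config $config

"serviceCertificate : $($tp.ServiceCertificate -join ', ')"
"trustedIssuers     : $($tp.TrustedIssuers -join ', ')"

$missing = @($tp.ServiceCertificate | Where-Object { $tp.TrustedIssuers -notcontains $_ })
if ($missing.Count -gt 0) {
    Write-Warning "serviceCertificate thumbprint(s) not listed under trustedIssuers: $($missing -join ', ')"
} else {
    "OK: serviceCertificate and trustedIssuers thumbprints agree"
}

# Store and binding checks only make sense on the Windows host itself.
if (Test-Path Cert:\LocalMachine\My) {
    $tp.ServiceCertificate | ForEach-Object { Test-ServiceCertificate -Thumbprint $_ } | Format-List
    $bound = Get-Port443CertHash
    if ($bound) { "Certificate bound to 0.0.0.0:443 : $bound" } else { "No plain 0.0.0.0:443 binding found via netsh" }
}
```

Run it with `-WebConfigPath` pointing at the web.config of the site that logs the error; with no argument it evaluates the constructed sample, where the two values agree once normalised, which is exactly the case a raw string comparison would miss.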
  • Hi Frank, thank you for your response. I was able to get past that issue, and now I am able to log into Publication Manager, but I run into an odd issue with Content Manager: I am able to log in, but when I click on the "content manager" tab in the left-hand pane I get a 500, and the only error in the log is the following. Feel like I have tried everything, hate to say it, but I am out of ideas...

    00000000 MSG COM COM =============================================================================================================================
    00004484 ERR PRS Deva Time:22:15:51.658 TridkVersion:140.13.0.5429 Error: Tridion Docs Content Manager 14.0.5429 Error: Class not registered
    00004484 ERR PRS Deva START PARAMETER LIST
    00004484 ERR PRS Deva ====================
    00004484 ERR PRS Deva reason: Class not registered
    00004484 ERR PRS Deva ====================
    00004484 ERR PRS Deva END PARAMETER LIST
    00004484 ERR PRS Deva RAISED IN: PRS.Deva.LogObject:\0\ISAuthor.Deva.GetCurrentUserName
