I recently upgraded Shibboleth from versionShibboleth-sp-2.5.6.0-win64 to Shibboleth-sp-2.6.0.0-win64 and Apache web server from 2.4.16 to 2.4.23.
Post the upgrade, when I try to access my application I get the following error:
shibsp::ConfigurationException
The system encountered an error at Fri Oct 14 20:19:51 2016
To report this problem, please contact the site administrator at root#localhost.
Please include the following message in any email:
shibsp::ConfigurationException at (https://xxxxxx.xxxx/)
No MetadataProvider available.
When I access, https:/xxxxx.xxxxx/Shibboleth.sso/Metadata, the metadata file is downloaded and the details seems correct.
Does any one know why does this error occur and how can we solve it?
If it can be of help, I was writing this:
<MetadataProvider type="XML" validate="true" file="/etc/shibboleth/idp-metadata.xml" />
instead of this:
<MetadataProvider type="XML" validate="true" path="/etc/shibboleth/idp-metadata.xml" />
The XML attribute is path. I'm using Shibboleth SP version 3.
Ensure that you have a section in the default as well as an override if there exists. For me, even though there was a section properly created for the override, it needed one in the defaults
Just for the record. Most configuration of your SP takes place in shibboleth2.xml. Locate this file on your server and edit settings to your comfort.
For Linux installations:
Be sure not to edit this file from your installation path, but in your distribution path (i.e. /etc/shibboleth/shibboleth2.xml), otherwise your changes will not be visible ...
A restart of shibd (systemctl restart shibd) is mandatory after changing shibboleth2.xml.
Try the following steps:
1) Go to shar.log and check what is the entity ID returning from the IDP's assertion message.
2) Go to the corresponding IDP'S metadata in SP side, compare both entity ID's.
3) Sure there must be some mismatch between the files, so that's why SP is unable to find the IDP to which it is talking and not able to proceed further.
Finally, update the entity ID in the IDP's metadata and restart shibd. It should work.
Related
Went thru the following steps but getting issue reaching the UserStoreConfigAdminService?wsdl
https://docs.wso2.com/display/IS530/Calling+Admin+Services
Getting the following error:
The endpoint reference (EPR) for the Operation not found is /services/UserStoreConfigAdminService/ and the WSA Action = null. If this EPR was previously reachable, please contact the server administrator.
Also it says the service is available in
osgi in the list of AdminServices
Is there issues using this with Identity Server 5.8?
Missing a step?
Thanks for your help
If you are using IS 5.8.0 pack then you need to,
Change the value of the configuration '' to false in carbon.xml
Restart the server
Use the following URL to access the WSDL file.
https://localhost:9443/services/RemoteUserStoreManagerService?wsdl
If you re using IS 5.9.0 please refer to the document [1].
What you need to do is,
Open the deployment.toml file in the /repository/conf directory and add the admin_service.WSDL element and set it to false as below.
[admin_service.wsdl] enable = "false"
Restart WSO2 Identity Server.
Use the following URL to access the WSDL file.
https://localhost:9443/services/RemoteUserStoreManagerService?wsdl
[1] https://is.docs.wso2.com/en/5.9.0/develop/managing-user-stores-with-apis/
If I use 'kafka-console-producer' - it automatically picks up JASS file and runs normally (can produce to a remote topic).
If I use 'kafka-avro-console-producer' with exact same configuration but with added schema property - it complains about JASS configuration:
'Could not find a 'KafkaClient' entry in the JAAS configuration. System property 'java.security.auth.login.config' is not set'
How to make it working?
Please look into these blogs, you will know that how can you update your security and how can you add property to procedure.
Authentication using SASL
secure-kafka-java-producer-with-kerberos
I am trying to publish as ASP.NET Core project with a hosting provider that supports ASP.NET Core. I am getting 500 Internal Server Error which I believe is very common. So I searched through the internet and various forums and then I checked the processPath="%LAUNCHER_PATH%" arguments="%LAUNCHER_ARGS%" in web.config and they look to be correctly converted with processPath="dotnet" and arguments=".\MyApplication.dll".
I also checked the connection string and it points to production DB server that's working. I confirmed the DB connection by changing the connection string to production DB and running project local. It works and I get the production DB access.
I also tried to get the error info by using the below in my Startup.cs (irrespective of env):
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
app.UseBrowserLink();
I have also enabled stdoutLog in web.config, but I don't see that folder either:
stdoutLogEnabled="true" stdoutLogFile=".\logs\stdout"
I also tried to change applicationUrl and launchUrl in launchSettings.json to my prod Url, but that didn't work as well.
So, the 500 Internal Server Error refuses to go away, and I still don't have a useful error message. The page just says:
Oops.
500 Internal Server Error
An error occurred while starting the application.
I would really appreciate if someone could help me here.
I have also enabled stdoutLog in web.config as but I don't see that folder either:
stdoutLogEnabled="true" stdoutLogFile=".\logs\stdout"
There is one trick here - you must create both folders logs and stdout manually - then and only then IIS will create log file inside logs folder (not stdout as you could expect) - don't ask me why, because I don't know why ;)
Oops. 500 Internal Server Error An error occurred while starting the application.
Usually, means problems with a configuration in Startup.cs - the most common problems include an issue with DB itself, an issue with migrations (if you are using Code First approach), problems with appsettings.js, problems with Social Logins credentials (like missing SecretKey)...
Please refer to log file in .\logs\stdout - this is the quickest way to find details about the problem :)
app.UseDeveloperExceptionPage();
app.UseDatabaseErrorPage();
Those will work after your WebApp fully started, but not while starting the application.
in web.config file change modules="AspNetCoreModuleV2" to modules="AspNetCoreModule"
and watch this video
https://www.youtube.com/watch?v=clCR3k6kkD8
Thanks to Lukasz for his comments. I was able to see the log and it stated that "ClientId option must be provided". The problem was with the UserSecrets. Since secrets.json is only available in Development, there were no secrets found in Production. Once I had the secrets in my appSettings.json, it worked fine.
Moreover, To replicate this in Local environment, just go to Project properties and change the environment variable ASPNETCORE_ENVIRONMENT to 'Production' and run in local. This will replicate the 500 Internal Server Error in local and you'll get the error message.
Also, ensure that the ASP.NET Core Windows Server Hosting bundle is installed. THis creates a reverse proxy between IIS and the Kestral server.
More Info:
https://learn.microsoft.com/en-us/aspnet/core/publishing/iis?tabs=aspnetcore2x#tabpanel_tfsY37MhAQ_aspnetcore2x
I would like to add some more info to #Lukasz Makowej answer.
I found out the reason why to have to create the folder, in microsoft documentation it is said that:
stdoutLogFile - Optional string attribute.
".....Any folders provided in the path must exist in order for the module to create the log file...."
So you have to create it yourself :)
Check it out here:
https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/aspnet-core-module?view=aspnetcore-2.0
I also must said that in my case I had to validate that the web-site had the permissions to access to the "log" folder.
Make sure your web.config is good. I've been stomped more than once by a syntactically good web.config that referred to a module (Rewrite) that wasn't on the server. No error messages anywhere, other than the 500 response error.
Std log wasn't working for me, I had to uninstall all .ENT Core runtime / SDK versions from the server and my local to install the latest one and it worked after publishing everything again from scratch.
Another thing that helped was binding the IIS app to port 5000 without any dns so it actually showed me errors on http://localhost:5000
Encountered this issue yesterday, we also had no logging, no eventlog message whatsoever.
Then we checked the site's authentication settings via the IIS-manager to double-check the settings. And pop suddenly a popup with an error message 'Error on line XXXX'.
Turned out the configuration section was locked in the website's config at server-level.
So try unlocking the relevant IIS configuration settings at server level, as follows:
Open IIS Manager
Select the server in the Connections pane
Open Configuration Editor in the main pane
In the Sections drop down, select the section to unlock, e.g. system.webServer => security => authentication
Click Unlock Attribute in the right pane
Repeat for any other settings which you need to unlock
Restart IIS (optional) - Select the server in the Connections pane, click Restart in the Actions pane
This is a fresh install of Raven #2230, running on IIS8/Win8. When studio starts it offers to create new database, then browser pops up credentials window (401).
Web.config has add key="Raven/AnonymousAccess" value="All"/ set. Also tried add key="Raven/AnonymousUserAccessMode" value="All"/ as per documentation.
Anonymous Authentication on site is enabled, so is Windows Authentication.
Added Raven.Bundles.Authorization.dll to plugins folder (not sure if needed, but didn't make any difference).
Am I missing something ?
RavenDB as of today, is on version 2750 (stable). Upgrade and this issue should be fixed.
The way to do this is to set the AnonymousAccess setting in web.config to Admin:
<add key="Raven/AnonymousAccess" value="Admin"/>
You should change this back to All once you have created your database.
I have created an OData/WCF service using Visual Studio 2010 on Windows XP SP3 with all current patches installed.
When I click on "view in browser", the service opens and I see the 3 tables from my EF model. However, when I add a table name ("Commands" in this case) to the end of the query string, rather than seeing the data from the table, I get an HTTP 500 error.
(This error (HTTP 500 Internal Server Error) means that the website you are visiting had a server problem which prevented the webpage from displaying.).
I have not only followed the examples from 2 sites, but have also tried running the sample application that the blog poster sent me (that works on his machine), and still am not having any luck.
The blog post is at Exposing OData from an Entity Framework Model
Does anyone have an idea why this is occurring and how to resolve it?
Here is the output of the "View in Browser":
<?xml version="1.0" encoding="utf-8" standalone="yes" ?>
- <service xml:base="http://localhost:1883/VistaDBCommandService.svc/" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:app="http://www.w3.org/2007/app" xmlns="http://www.w3.org/2007/app">
- <workspace>
<atom:title>Default</atom:title>
- <collection href="Commands">
<atom:title>Commands</atom:title>
</collection>
- <collection href="Databases">
<atom:title>Databases</atom:title>
</collection>
- <collection href="Statuses">
<atom:title>Statuses</atom:title>
</collection>
</workspace>
</service>
Update:
In an effort to get this working, I have:
Removed and re-installed IIS
Ran the %WINDIR%\Microsoft.Net\Framework\v4.0.30319\aspnet_regiis –i –enable command
Ran the %WINDIR%\Microsoft.Net\Framework\v4.0.30319\ServiceModelReg.exe -r command.
Created a new solution and followed the instructions very carefully to assure that I
didn't mess anything up.
After all of this, I am still getting the same HTTP 500 error, with no entries of any kind in the Event Viewer.
Any other ideas?
I figured out that my problem was an issue with opening the database. The way I figured it out was to add the following to the servicename.svc.cs file in the InitializeService method:
config.UseVerboseErrors=true;
Thanks to all who tried to help.
Eric
config.UseVerboseErrors=true; helped me in finding out the problem. The problem was I was using windows authentication for database connection. After changing to SQL Server Authentication everything worked fine.
Please try these debugging tips to see the actual error which happened:
Link
500 always means there was an unhandled exception in the service. Go look in the windows event log to see what that error was.
Received similar output with VS2013:
Resolved by upgrading the Entity Framework.
See answer https://stackoverflow.com/a/21028123/2116188.
You can also activate Failed Request Tracing for your Web Application in IIS
then you will get detailled trace execution in Xml files from IIS when a 500 error occurs
There is a good article here explaining how to setup Failed Request Tracing in IIS :
Using Failed Request Tracing to Trace Rewrite Rules
HTH
Cédric
If you are using SQL Server Compact data file (Like NorthWind.sdf) you need to give write file permission to IUSRS group.
Ex: If you are using NorthWind.sdf in DataDirectory i.e. YourWeb/App_Data then you need to give write permissions to _IUSRS group from IIS Console or from Windows Explorer.