We Keep Coding

An error Url redirected missing port when accessing Admin and removes the port number from the site's URL In Sitefinity CMS V13

I'm working on a development project with Sitfinity CMS - Version 13.0.
I got an error Url redirected missing port when accessing Admin server by IP/domain:
https://10.x.x.1:803/sitefinity or https://example.com:803/sitefinity.
When we alter any form, however, we receive an error message stating that the form is being diverted to an URL address that does not contain a port and displaying the warning below.
The steps that caused the error:
Step1: Login to admin cms (ex: https://10.x.x.1:803/sitefinity, https://example.com:803/sitefinity)
Step2: Edit content -> Forms - Select edit one form.
Url redirected https://10.x.x.1/sitefinity/... or https://example.com/sitefinity/... missing port 803.
Could you please assist me in determining the cause of the error?
Is there any way to fix it?
Thanks so much!

I'd try this: go to Administration > Settings > Advanced > System > Site URL Settings and set the Host and the port there. Check the Enable non-default Stie Url Settings and save.
Restart the site if changes do not apply immediately.

No MetadataProvider available - shibsp::ConfigurationException

I recently upgraded Shibboleth from versionShibboleth-sp-2.5.6.0-win64 to Shibboleth-sp-2.6.0.0-win64 and Apache web server from 2.4.16 to 2.4.23.
Post the upgrade, when I try to access my application I get the following error:
shibsp::ConfigurationException
The system encountered an error at Fri Oct 14 20:19:51 2016
To report this problem, please contact the site administrator at root#localhost.
Please include the following message in any email:
shibsp::ConfigurationException at (https://xxxxxx.xxxx/)
No MetadataProvider available.
When I access, https:/xxxxx.xxxxx/Shibboleth.sso/Metadata, the metadata file is downloaded and the details seems correct.
Does any one know why does this error occur and how can we solve it?

If it can be of help, I was writing this:
<MetadataProvider type="XML" validate="true" file="/etc/shibboleth/idp-metadata.xml" />
instead of this:
<MetadataProvider type="XML" validate="true" path="/etc/shibboleth/idp-metadata.xml" />
The XML attribute is path. I'm using Shibboleth SP version 3.

Ensure that you have a section in the default as well as an override if there exists. For me, even though there was a section properly created for the override, it needed one in the defaults

Just for the record. Most configuration of your SP takes place in shibboleth2.xml. Locate this file on your server and edit settings to your comfort.
For Linux installations:
Be sure not to edit this file from your installation path, but in your distribution path (i.e. /etc/shibboleth/shibboleth2.xml), otherwise your changes will not be visible ...
A restart of shibd (systemctl restart shibd) is mandatory after changing shibboleth2.xml.

Try the following steps:
1) Go to shar.log and check what is the entity ID returning from the IDP's assertion message.
2) Go to the corresponding IDP'S metadata in SP side, compare both entity ID's.
3) Sure there must be some mismatch between the files, so that's why SP is unable to find the IDP to which it is talking and not able to proceed further.
Finally, update the entity ID in the IDP's metadata and restart shibd. It should work.

Missing configuration for the issuer of security tokens error

I inherited an existing project without its development environment. I have UAT code and a backup of the Production database. I can run up the site locally via Visual Studio but have hit an authentication problem trying to setup a fresh standalone DEV server on AWS (single server, no load balancer). The doco indicates the Prod server is a dual server setup with a load balancer.
The front end site pages do display, although some search is not working. On trying to log into the backend pages, Chrome returns "The xxx page isn't working. xxx redirected you too many times." Using developer tools, I can see the page redirects back and forth between SWT?realm=... and sitefinity?wrap_defalted=true&wrap_access_token... On the second redirect response header there is "X-Authentication-Error:Missing configuration for the issuer of security tokens 'https://xxx/Sitefinity/Authenticate/SWT' "
I tried different values in the web.config lines:
<federatedAuthentication>
<wsFederation passiveRedirectEnabled="true" issuer="http://localhost" realm="http://localhost" requireHttps="true"/>
<cookieHandler requireSsl="false"/>
</federatedAuthentication>
but that actually made things worse so I have reverted.
I checked all the settings mentioned in http://docs.sitefinity.com/administration-switch-to-claims-based-authentication and they seem to be set correctly. I don't really know what else I can check to get this working.
I found http://docs.sitefinity.com/administration-configure-security, but it does not seem like these settings are set (I don't have access to Prod server so can't confirm if it is actually setup with load balancing). I am currently using a 30 day trial license so am not sure if this is contributing to the problem. The official license is in the process of being transferred by the client. The domain name associated with the official license would be different to the domain my new server is currently running on.
I am also running version 8 code on a version 9 install of Sitefinity. I wanted to get it working before I tried to upgrade the code. I think there was also an assembly load to manifest mismatch when I tried upgrading my local version.

Found the solution: Don't mess with the SecurityConfig.config file.
<securityTokenIssuers>
<add key="B886AA7BFB5515BA63F577A44BBEB5C7AE674035514D128BC397346B11F4C97A" encoding="Hexadecimal" membershipProvider="Default" realm="http://localhost" />
</securityTokenIssuers>
<relyingParties>
<add key="B886AA7BFB5515BA63F577A44BBEB5C7AE674035514D128BC397346B11F4C97A" encoding="Hexadecimal" realm="http://localhost" />
</relyingParties>
Even though it is running on a server, the above lines should still point to localhost. It seems like these only need to be edited if you have a multi-server setup with an entirely separate STS.
I initially changed it to match the new domain name, but after some experimentation around adding localhost and HTTP variations, it seems like it works best with just localhost.
Even when I changed the web.config entry above to use the new domain as the issuer instead of localhost and the SecureConfig.config to specify only the new domain as the realms, it didn't seem to work. I guess the authentication must try to hit localhost specifically.

I installed WSO2 AM(API Manager) 1.10.0 and used the user-mgt.xml from working AM 1.9.0, but now I cannot login to carbon admin UI

I installed WSO2 AM(API Manager) 1.10.0 and used the user-mgt.xml from working AM 1.9.0, but now I cannot login to carbon admin UI.
API Manager is configured with LDAP read only primary user store.
Additionally API Manager is configured to work with default H2. But I think this is not a reason.
If I configure API Manager with a standard user store (without any changes to user-mgt.xml, i.e. without adding readOnlyLdap config and removing default JDBC UserStoreManager), login to admin-dashboard works OK.
I got the warning message from wso2carbon.log:
TID: [-1234] [] [2016-07-03 05:55:54,731] WARN {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil} - Failed Administrator login attempt 'admin[-1234]' at [2016-07-03 05:55:54,730+0000] {org.wso2.carbon.core.services.util.CarbonAuthenticationUtil}
I made the changes as suggested per I am unable to login to admin-dashboard application in WSO2 API manager , unfortunately that solution did not work for me.
Basically I installed brand new WSO2 am 1.10.0, with default settings, all works fine, until I changed user-mtg.xml to enable LDAP, I cannot login to carbon/admin UI anymore. So LDAP does not work out of the box with wso2 am 1.10.0? I followed the instructions related to LDAP set up, but it just did not work.
The strange thing is, LDAP works with am 1.9.0. So any difference in setting up LDAP between version 1.10.0 and 1.9.0?
UPDATE:
For the moment, I gave up integarting LDAP with wso2 am 1.10.0. I moved to SAML2. But keep the question open in case someone has worked out of this with a solution, or this might help others. Thanks.

What is the value of the GetAllRolesOfUserEnabled property under AuthorizationManager in user-mgt.xml?
<AuthorizationManager class="org.wso2.carbon.user.core.authorization.JDBCAuthorizationManager">
<Property name="AdminRoleManagementPermissions">/permission</Property>
<Property name="AuthorizationCacheEnabled">true</Property>
<Property name="GetAllRolesOfUserEnabled">false</Property>
</AuthorizationManager>
That property is not part of the 1.9 config and in 1.10 the default config has this set to false and we were seeing similar login issues. Setting this to true resolved this issue for us.
Joe

I can provide following hints.
Since you haven't mentioned about the master-datasources.xml, I doubt the following. Do you have a external userstore database used in 1.9.0? If so, have you pointed 1.10.0 to the same database?
Log doesn't clearly say whether it failed due to authentication or authorization error. To find this out, you need to enable debug logs for the package org.wso2.carbon.user.core. This can be done in the repository/conf/log4j.properties file and needs a restart. Then, when your next login attemp fails, it will show you more details.

WinJS.xhr: Network Error 0x2efd, Could not complete the operation due to error 00002efd

I have problem with WinJS.xhr when developing a Windows 8 Metro application in JavaScript.
WinJS.xhr({ url: "http://www.seznam.cz"});
When above code is executed, I see in log:
SCRIPT7002: XMLHttpRequest: Network Error 0x2efd, Could not complete
the operation due to error 00002efd.
I have enabled "Internet (Client)" capability in manifest.
Maybe the problem is because I am behind proxy and using VPN, but I can access internet using Google Chrome (I just need to authorize, otherwise HTTP Status 407 - proxy authorization needed).
How can I fix it?
[EDIT]
So I found that it is probably related to the VPN I have to use (Cisco VPN Client). When I disable the VPN, even when I am behind the proxy (I use the LAN, with VPN I use WiFi), the request works. Maybe it is only Cisco VPN related. I had to modify registry as it is described here http://verbalprocessor.com/2012/09/17/windows-8-and-cisco-vpn-client/
Also interesting is that a few Metro apps work (maps) and some do not work (windows store) when I am behind proxy.
Just a notice: I have explored Windows.Networking.Connectivity and in both cases (with/without VPN) I get NetworkConnectivityLevel == "Local Access" (because I am behind the proxy probably).

I got the same error when connected to my workplace SSL/VPN connection (from Juniper).
Opening the .appxmanifest file and adding the "Private Networks (Home & Server)" capability solved the issue.
<Capabilities>
<Capability Name="internetClient" />
<Capability Name="privateNetworkClientServer" />
</Capabilities>

This solution worked for me (see forums link below)... essentially, you need to add the server's certificate to the Windows Store App manifest (also be sure your manfiest "Capabilities" are set to at least "InternetClient"). You can get the server's certificate by exporting it from your browser, save is as a ".der" file. Using Firefox was easier than IE in doing this (From FF, browse to the target domain that has the certificate, then right click on the page > Page Info > Security tab > Details tab > Export button > save as ".der".
http://social.msdn.microsoft.com/Forums/en-ZA/winappswithcsharp/thread/4a776e8c-0e10-4f03-908f-7f765d914080?prof=required
This solution seems absurd - so bear in mind, this may only be necessary for sites that are using self-signed certificates, like in a development environment, because this process was not necessary for other production sites.

The proper way to do this was posted on the MSDN forums, it didn't work for me but the following did
config.xml
...
<platform name="windows">
<config-file target="package.appxmanifest">
<DeviceCapability Name="privateNetworkClientServer" />
</config-file>
...
</platform>
These will be merged with your other capabilities