leastprivilege
commented
11 years ago Are you sure the user is in the Users role (admin role does not grant permissions to request a token)
Closed christolo closed 11 years ago
leastprivilege
commented
11 years ago Are you sure the user is in the Users role (admin role does not grant permissions to request a token)
christolo
commented
11 years ago Yes, that user was. However, I created a new user with just the user role, and it worked. Sorry to bother you. Incredible job with this framework.
HornerG
commented
11 years ago I've seen this before when the web.config of the web application has incorrectly been setup, check the thumb print etc. of the web application and the RP settings on id server.
Sent using an HTC 8x Windows Phone 8
-----Original Message----- From: "Chris Keenan" notifications@github.com Sent: 30/05/2013 21:59 To: "thinktecture/Thinktecture.IdentityServer.v2" Thinktecture.IdentityServer.v2@noreply.github.com Subject: [Thinktecture.IdentityServer.v2] Issue with setting up a test RP(#233)
Using this video as the basis for setting up the RP (http://vimeo.com/51666380 - Thinktecture IdentityServer v2 Tutorial: The 1st Web Application). Here is the scenario: 1) Make request to RP 2) Receive a 302 to IdentityServer to account/signin 3) Try to log in with the admin account I created on IdentityServer (roles: IdentityServerAdministrators and IdentityServerUsers) The login page redirects to issue/wsfed?wa=wsignin1.0&wtrealm=http%3a%2f%2flocalhost%3a560 etc. I get a 302 to the account/signin page again. I get this message: You are currenty logged in as xxxxx, but you requested a resource that you were not authorized for. Either provide credentials that do have access or contact your administrator to grant you access. I'm sorry if this question has been asked 1000 times. I did try this on 2 machines and realize that it's probably an IIS setting or a cert problem locally (I changed Protocal settings on WSFed to not require SSL). — Reply to this email directly or view it on GitHub.
rushdan
commented
10 years ago Dear sir,
I have same problem as above and try to solve it following your guide.
I have set the user as 'Mutaz' and set in IdentityServerUsers roles .
And then I set the Relying Party
When I browse with http://localhost/webapp, the error shown below:
What the reason and how to fix ?
Thank you
From Rushdan
leastprivilege
commented
10 years ago Yes - realm names must exactly match - you are using a trailing "/" in your RP - but not in the IdSrv registration.
Using this video as the basis for setting up the RP (http://vimeo.com/51666380 - Thinktecture IdentityServer v2 Tutorial: The 1st Web Application). Here is the scenario:
1) Make request to RP 2) Receive a 302 to IdentityServer to account/signin 3) Try to log in with the admin account I created on IdentityServer (roles: IdentityServerAdministrators and IdentityServerUsers) The login page redirects to issue/wsfed?wa=wsignin1.0&wtrealm=http%3a%2f%2flocalhost%3a560 etc. I get a 302 to the account/signin page again.
I get this message:
You are currenty logged in as xxxxx, but you requested a resource that you were not authorized for. Either provide credentials that do have access or contact your administrator to grant you access.
I'm sorry if this question has been asked 1000 times. I did try this on 2 machines and realize that it's probably an IIS setting or a cert problem locally (I changed Protocal settings on WSFed to not require SSL).