IdentityServer / IdentityServer2

[deprecated] Thinktecture IdentityServer is a light-weight security token service built with .NET 4.5, MVC 4, Web API and WCF.

publisher cloud service azure cookie federation #805

Closed wandelson closed 9 years ago

wandelson commented 9 years ago

Every time I publish to an Azure cloud service, this error happens.

wandelson commented 9 years ago

Help please... I do not know what to do.

If I delete the cookies FedAuth and FedAuth1, it is back up and running.

brockallen commented 9 years ago

The cookies issued by WIF require SSL (by default).

wandelson commented 9 years ago

brockallen,

Thank you very much!

wandelson commented 9 years ago

Brock,

again the problem.

hansarnevartdal commented 9 years ago

When I have seen similar stuff before (not Azure) it's because the machine key changes on deploy, which means the application can't read the cookies encrypted by the previous deploy any more (the key is used for cookie-crypto-stuff). You should define the machine key in your web.config to keep it consistent.

This might be relevant as trigger reasons in Azure: http://stackoverflow.com/questions/19085726/with-azure-auto-scaling-do-i-need-to-specify-a-machinekey-in-web-config?rq=1

hansarnevartdal commented 9 years ago

There are several reasons why the machine key might be regenerated every time your application restarts (iisreset), and if it changes the cookies will become invalid. Here are some reasons: http://support2.microsoft.com/kb/2915218

The easy solution is to define it in web.config, thus making it consistent for your application.

wandelson commented 9 years ago

not solved.

=/

Azure - Application has two instances.

what to do?

hansarnevartdal commented 9 years ago

Load balancing? Use the same machine key for both instances of the application and they can both read the cookie regardless of who created it. If you have several environments you should have a machine key per environment config (to avoid the use of test-cookies in production etc.).

wandelson commented 9 years ago

did not work

F5

hansarnevartdal commented 9 years ago

From the screenshot it looks like you have set the machine key under the FederationMetadata location. It should be in the "root" element to work for the entire application. (It does not show in the screenshot, so can't tell if you tried that as well).
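
A check for the misplacement described in the comment above, as an added example that is not part of the original thread or the IdentityServer project. The function name `audit_machine_key`, the sample configs and the placeholder key values are constructed for illustration, and the web.config is assumed to have no XML namespace on `<configuration>`.

```python
import xml.etree.ElementTree as ET

# Constructed samples; key values are placeholders, not real keys.
MISPLACED = """<configuration>
  <system.web><customErrors mode="Off" /></system.web>
  <location path="FederationMetadata">
    <system.web>
      <machineKey validationKey="PLACEHOLDER_A" decryptionKey="PLACEHOLDER_B" />
    </system.web>
  </location>
</configuration>"""

ROOT_LEVEL = """<configuration>
  <system.web>
    <machineKey validationKey="PLACEHOLDER_A" decryptionKey="PLACEHOLDER_B" />
  </system.web>
</configuration>"""


def audit_machine_key(web_config_xml):
    """Return findings about where <machineKey> sits and whether keys are explicit."""
    root = ET.fromstring(web_config_xml)
    findings = []
    # The application-wide setting lives at configuration/system.web/machineKey.
    root_keys = root.findall("./system.web/machineKey")
    if not root_keys:
        findings.append("no machineKey in root system.web")
    for mk in root_keys:
        for attr in ("validationKey", "decryptionKey"):
            # A missing attribute falls back to the auto-generated default.
            if "AutoGenerate" in mk.get(attr, "AutoGenerate"):
                findings.append(f"root machineKey {attr} is auto-generated")
    # A machineKey inside <location path="..."> is not the application-wide
    # setting that the thread says the cookies need.
    for loc in root.findall("./location"):
        path = loc.get("path")
        if path and path != "." and loc.find("./system.web/machineKey") is not None:
            findings.append(f"machineKey scoped to location '{path}'")
    return findings


if __name__ == "__main__":
    for name, xml in (("misplaced", MISPLACED), ("root-level", ROOT_LEVEL)):
        print(name, audit_machine_key(xml))
```

Running the same check against the deployed web.config of every instance and every environment also shows whether they carry an explicit root-level key at all.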

wandelson commented 9 years ago

still to no avail

enable cache?

http://onwindowsazure.com/storing-session-state-in-windows-azure-co-located-cache/

hansarnevartdal commented 9 years ago

Maybe you should turn custom errors off to see the actual exception?

wandelson commented 9 years ago

Is already set with

 <customErrors mode="Off" />

hansarnevartdal commented 9 years ago

This is also in location "FederationMetadata".

wandelson commented 9 years ago

image

hansarnevartdal commented 9 years ago

Well, http://lmgtfy.com/?q=ID1073

You have an exceptional exception description there. Both the description, and the top result from Google (http://blogs.msdn.com/b/distributedservices/archive/2012/10/29/wif-1-0-id1073-a-cryptographicexception-occurred-when-attempting-to-decrypt-the-cookie-using-the-protecteddata-api.aspx) point to exactly what I have written earlier. I still think what they defined as "workaround #3" is easiest. You should go over your configurations again and read up on this, the solution is there.

wandelson commented 9 years ago

Thank you very much.

(;

You helped me a lot.

solved.

https://github.com/thinktecture/Thinktecture.AuthorizationServer/issues/114

hansarnevartdal commented 9 years ago

Nice! Happy to help :-)