simpleidserver / SimpleIdServer

OpenID, OAuth 2.0, SCIM2.0, UMA2.0, FAPI, CIBA & OPENBANKING Framework for ASP.NET Core
https://simpleidserver.com/
Apache License 2.0

Error validating username and password. #814

Open BrunoFelipe-dev opened 4 days ago

BrunoFelipe-dev commented 4 days ago

I'm facing a strange problem... when submitting the PWD authentication form, when the user is not found it works correctly, when a field is empty it also works, but when I enter an existing user and an incorrect password I'm getting the following error:

```
fail: Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware[1]
      An unhandled exception has occurred while executing the request.
      System.NullReferenceException: Object reference not set to an instance of an object.
         at SimpleIdServer.IdServer.UI.BaseAuthenticationMethodController1.Index(String prefix, T viewModel, CancellationToken token)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ActionMethodExecutor.TaskOfIActionResultExecutor.Execute(ActionContext actionContext, IActionResultTypeMapper mapper, ObjectMethodExecutor executor, Object controller, Object[] arguments)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeActionMethodAsync>g__Logged|12_1(ControllerActionInvoker invoker)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeNextActionFilterAsync>g__Awaited|10_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Rethrow(ActionExecutedContextSealed context)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ControllerActionInvoker.<InvokeInnerFilterAsync>g__Awaited|13_0(ControllerActionInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeNextResourceFilter>g__Awaited|25_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Rethrow(ResourceExecutedContextSealed context)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.Next(State& next, Scope& scope, Object& state, Boolean& isCompleted)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeFilterPipelineAsync>g__Awaited|20_0(ResourceInvoker invoker, Task lastTask, State next, Scope scope, Object state, Boolean isCompleted)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)
         at Microsoft.AspNetCore.Mvc.Infrastructure.ResourceInvoker.<InvokeAsync>g__Logged|17_1(ResourceInvoker invoker)
         at SimpleIdServer.IdServer.Swagger.SidSwaggerUIMiddleware.Invoke(HttpContext httpContext)
         at SimpleIdServer.IdServer.Swagger.SIDSwaggerMiddleware.Invoke(HttpContext httpContext, ISwaggerProvider swaggerProvider)
         at SimpleIdServer.IdServer.Middlewares.MtlsAuthenticationMiddleware.InvokeAsync(HttpContext context)
         at Microsoft.AspNetCore.Authorization.AuthorizationMiddleware.Invoke(HttpContext context)
         at Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
         at SimpleIdServer.IdServer.Middlewares.LanguageMiddleware.InvokeAsync(HttpContext context)
         at SimpleIdServer.IdServer.Middlewares.RealmMiddleware.InvokeAsync(HttpContext context)
         at Microsoft.AspNetCore.Localization.RequestLocalizationMiddleware.Invoke(HttpContext context)
```

Entering the correct username and password works; the error only occurs in the scenario of a correct username and an incorrect password.

simpleidserver commented 4 days ago

I tried to reproduce this issue on my local machine using the version from the master branch but was not successful.

How did you install the SimpleIdServer solution in your environment? Are you using the .NET template, and which version of the solution are you using?

Could you also describe all the steps needed to reproduce the error and include some screenshots? For example:

  1. Log in to the Identity Provider website (https://localhost:5001/master) and click on the authentication window.

This information will help me investigate the problem further.

BrunoFelipe-dev commented 3 days ago

Yes, I am using the DOTNET Template. I installed it following the documentation: https://simpleidserver.com/docs/installation/dotnettemplate

My configuration is: Windows 11 in development and Windows Server in production, the error occurs in both.

In my solution I added:

  - IdentityServer website project (idServerManager)
  - IdentityServer project (idServer)

I am using a connection to a SQL Server database.

Below is the video. In the first step I test the following situations: empty login and password. The second attempt, where the error occurs, is with an existing user and an invalid password. The last situation is with the correct username and password, where it logs in successfully.

https://github.com/user-attachments/assets/f4acd227-d13e-4130-ba75-a91c409ef8f8

simpleidserver commented 1 day ago

Hello,

You are correct; there is a mistake in the DOTNET TEMPLATE project. The following configuration is missing from the appsettings.json file. Could you please copy and paste the content below into the file and try again?

```json
"UserLockingOptions": {
  "LockTimeInSeconds": "300",
  "MaxLoginAttempts": "5"
}
```

The template has been updated in the master branch: https://github.com/simpleidserver/SimpleIdServer/commit/5a9748b99dd9f57f4ab04de383512f8668bfc510

KR,

SID
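
Added example, not part of the thread and not SimpleIdServer's own code: the missing section only surfaced at runtime on the wrong-password path, so this sketch validates the `UserLockingOptions` section when options are first resolved and reports a clear error instead of a `NullReferenceException`. `LockoutSettings` and `Check` are hypothetical names, and both configurations are constructed inputs.

```csharp
// Added example: fail fast when the "UserLockingOptions" section is missing or invalid.
// LockoutSettings is a hypothetical class for this sketch, not SimpleIdServer's own type.
using System;
using System.Collections.Generic;
using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.DependencyInjection;
using Microsoft.Extensions.Options;

// Constructed inputs: one without the section (as in the broken template), one patched.
var broken = new Dictionary<string, string?> { ["Logging:LogLevel:Default"] = "Information" };
var patched = new Dictionary<string, string?>
{
    ["UserLockingOptions:LockTimeInSeconds"] = "300",
    ["UserLockingOptions:MaxLoginAttempts"] = "5",
};

Console.WriteLine(Check(broken));
Console.WriteLine(Check(patched));

static string Check(Dictionary<string, string?> values)
{
    IConfiguration config = new ConfigurationBuilder().AddInMemoryCollection(values).Build();
    var section = config.GetSection("UserLockingOptions");

    var services = new ServiceCollection();
    // In a web host, append .ValidateOnStart() so these checks run at startup.
    services.AddOptions<LockoutSettings>()
        .Bind(section)
        .Validate(_ => section.Exists(), "UserLockingOptions section is missing")
        .Validate(o => o.MaxLoginAttempts > 0, "MaxLoginAttempts must be > 0")
        .Validate(o => o.LockTimeInSeconds > 0, "LockTimeInSeconds must be > 0");

    using var provider = services.BuildServiceProvider();
    try
    {
        var o = provider.GetRequiredService<IOptions<LockoutSettings>>().Value;
        return $"ok: {o.MaxLoginAttempts} attempts, {o.LockTimeInSeconds}s lock";
    }
    catch (OptionsValidationException ex)
    {
        return "invalid: " + string.Join("; ", ex.Failures);
    }
}

public sealed class LockoutSettings
{
    public int LockTimeInSeconds { get; set; }
    public int MaxLoginAttempts { get; set; }
}
```

Outside an ASP.NET Core project this needs the `Microsoft.Extensions.Configuration`, `Microsoft.Extensions.DependencyInjection` and `Microsoft.Extensions.Options.ConfigurationExtensions` packages.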

BrunoFelipe-dev commented 23 hours ago

> Hello,
>
> You are correct; there is a mistake in the DOTNET TEMPLATE project. The following configuration is missing from the appsettings.json file. Could you please copy and paste the content below into the file and try again?
>
> ```json
> "UserLockingOptions": {
>   "LockTimeInSeconds": "300",
>   "MaxLoginAttempts": "5"
> }
> ```
>
> The template has been updated in the master branch: 5a9748b
>
> KR,
>
> SID

Works, adding this setting in appSettings works correctly. Thanks.