MSIS7012 : ADFS SSO Error WSFED
levis | Mon, 09 Sep 2024 at 02:18 hours | Replies : 0 | Points : 100
Category : ADFS
MSIS7012 : The same client browser session has made '6' requests in the last '1' seconds. Contact your administrator for details
We have a .NET application in which we implemented ADFS WSFED sign-in. It works fine locally, but after we deployed it to OpenShift we started getting this error.
I have added Wtrealm and Wreply (I tried commenting it out and got the same error) in service.AddAuth.
Set Options.Cookie.SameSite = sameSiteMode.None
Tried so many methods, but still getting error: The same client browser session has made '6' requests in the last '1' seconds. Contact your administrator for details. ADFS WSFED OpenShift.
Do we have to provide OpenShift with a certificate from ADFS, or follow some other process when we deploy?
My startup.cs
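/// <summary>
/// Application startup: registers WS-Federation sign-in backed by a cookie session, plus
/// session, HTTP client, MVC, localization and claims-transformation services, and then
/// builds the request pipeline.
/// </summary>
public class Startup
{
    /// <summary>Stores the configuration root handed in by the host.</summary>
    /// <param name="configuration">Application configuration.</param>
    public Startup(IConfiguration configuration)
    {
        Configuration = configuration;
    }

    /// <summary>Configuration root supplied at construction.</summary>
    public IConfiguration Configuration { get; }

    /// <summary>Registers the services the application uses.</summary>
    /// <param name="services">Service collection to populate.</param>
    public void ConfigureServices(IServiceCollection services)
    {
        // The realm value was redacted by the poster; as posted this line is not valid C#.
        var realm = //realm; DEV
        services.AddAuthentication(sharedOptions =>
        {
            // The cookie scheme holds the local session; unauthenticated requests are
            // challenged through WS-Federation.
            sharedOptions.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            //sharedOptions.DefaultSignInScheme = CookieAuthenticationDefaults.AuthenticationScheme;
            sharedOptions.DefaultChallengeScheme = WsFederationDefaults.AuthenticationScheme;
        }).AddWsFederation(options =>
        {
            options.Wtrealm = realm;
            // Redacted by the poster, like the realm above.
            options.Wreply = //wreply;
            options.MetadataAddress = "";
            options.TokenValidationParameters = new TokenValidationParameters()
            {
                // NOTE(review): keeping the sign-in token on the identity may enlarge the
                // session cookie considerably - confirm the route/proxy in front of the pod
                // does not drop large Cookie headers.
                SaveSigninToken = true,
                RoleClaimType = "http://schemas.xmlsoap.org/claims/Group"
            };
        }).AddCookie(options =>
        {
            // Cookie settings must be applied to the scheme that AddCookie() registers.
            // The original code set SameSite through services.ConfigureApplicationCookie,
            // which configures the ASP.NET Core Identity application cookie; this class never
            // registers Identity, so that setting never reached the session cookie.
            options.Cookie.SameSite = SameSiteMode.None;

            // Browsers reject SameSite=None cookies that are not marked Secure.
            options.Cookie.SecurePolicy = CookieSecurePolicy.Always;

            // NOTE(review): SameSite=None removes the browser's cross-site protection for the
            // session cookie (the handler's default is Lax). Keep None only if the sign-in
            // flow proves to need it, and protect state-changing requests with antiforgery
            // tokens.
            // NOTE(review): the cookie payload is protected with Data Protection keys and this
            // class configures no key storage. Confirm the keys survive pod restarts and are
            // shared by every replica; a cookie that cannot be unprotected makes the request
            // anonymous and triggers a new challenge.
        });

        // NOTE(review): in-memory cache, so whatever the session store keeps in it is local to
        // one process - verify this matches the number of replicas running on OpenShift.
        services.AddDistributedMemoryCache();
        services.AddSingleton<IStartSession, InitSession>();
        services.AddSingleton<ISessionStore, DistributedSessionStoreWithStart>();
        services.AddSession();

        services.AddHttpClient("myClient", client =>
        {
            client.Timeout = TimeSpan.FromSeconds(300);
        });

        // NOTE(review): Razor runtime compilation is enabled unconditionally here; confirm it
        // is meant to be active outside development.
        services.AddControllersWithViews().AddNewtonsoftJson(options =>
        {
            options.SerializerSettings.ContractResolver = new DefaultContractResolver();
            options.UseMemberCasing();
        }).AddRazorRuntimeCompilation();

        services.AddLocalization(opt =>
        {
            opt.ResourcesPath = "Resources";
        });

        services.Configure<RequestLocalizationOptions>(options =>
        {
            List<CultureInfo> supportedCultures = new List<CultureInfo>
            {
                new CultureInfo("en-US")
            };
            options.DefaultRequestCulture = new RequestCulture("en-US");
            options.SupportedCultures = supportedCultures;
            options.SupportedUICultures = supportedCultures;
        });

        services.AddTransient<IHttpContextAccessor, HttpContextAccessor>();
        services.AddTransient<IClaimsTransformation, ClaimsTransformer>();
    }

    /// <summary>Builds the HTTP request pipeline.</summary>
    /// <param name="app">Application builder the middleware is added to.</param>
    /// <param name="env">Hosting environment, used to pick the error-handling mode.</param>
    public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
    {
        if (env.IsDevelopment())
        {
            app.UseDeveloperExceptionPage();
        }
        else
        {
            app.UseExceptionHandler("/Home/Error");
            app.UseHsts();
        }

        // NOTE(review): no forwarded-headers middleware is registered in this pipeline. If TLS
        // ends at the OpenShift route, the app sees plain HTTP, which affects the redirect
        // below and every URL built from the request scheme. Confirm how the route is
        // configured; if that is the case, add UseForwardedHeaders ahead of this line and
        // trust only the router's addresses.
        app.UseHttpsRedirection();
        app.UseStaticFiles();
        app.UseSession();
        app.UseRouting();

        // Authentication has to run before authorization and before the claims middleware.
        app.UseAuthentication();
        app.UseAuthorization();
        app.UseMiddleware<UserClaimsMiddleware>();

        // GetRequiredService throws a descriptive error instead of letting a null reach .Value.
        var options = app.ApplicationServices.GetRequiredService<IOptions<RequestLocalizationOptions>>();
        app.UseRequestLocalization(options.Value);

        app.UseEndpoints(endpoints =>
        {
            endpoints.MapControllerRoute(
                name: "default",
                pattern: "{controller=Home}/{action=Index}/{id?}");
        });

        // Publishes the root service provider through a static holder declared outside this listing.
        AppHttpContext.Services = app.ApplicationServices;
    }
}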
}
I checked the HTTP Tracker logs but still didn't find anything; the browser just ping-pongs between SSO and Dev.
Protocol Name:
wsfed
Relying Party:
URL
Exception details:
Microsoft.IdentityServer.Web.InvalidRequestException: MSIS7042: The same client browser session has made '6' requests in the last '0' seconds. Contact your administrator for details.
at Microsoft.IdentityServer.Web.Protocols.PassiveProtocolHandler.UpdateLoopDetectionCookie(WrappedHttpListenerContext context)
at Microsoft.IdentityServer.Web.Protocols.PassiveProtocolHandler.ProcessCommonCookiesInLastAuthenticationStage(ProtocolContext context)
at Microsoft.IdentityServer.Web.Protocols.WSFederation.WSFederationProtocolHandler.SendSignInResponse(WSFederationContext context, MSISSignInResponse response)
at Microsoft.IdentityServer.Web.Protocols.WSFederation.WSFederationProtocolHandler.Process(ProtocolContext context)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.ProcessProtocolRequest(ProtocolContext protocolContext, PassiveProtocolHandler protocolHandler)
at Microsoft.IdentityServer.Web.PassiveProtocolListener.OnGetContext(WrappedHttpListenerContext context)