Windows Live does not allow information to be shared with this type of request

Thu, 12 Jun 2008 20:09:12 Z

mysubdomain.mydomain.com is making an insecure request to access your information. Windows Live does not allow information to be shared with this type of request.

Just cannot seem to get beyond this error. I have read this thread: http://forums.microsoft.com/msdn/ShowPost.aspx?PostID=2993705&SiteID=1 and it does not solve my problem. I registered a new Application and web.config is without a doubt correct. The return url is valid and working. Only thing I can think of is that the request is not coming from a SSL page, or using a sub-domain is throwing it off. What else can cause this error?

Tia,

Eric

Windows Live does not allow information to be shared with this type of request

Thu, 12 Jun 2008 21:59:47 Z

Managed to break the live.com sdk example:

Code Snippet

XML Parsing Error: no element found
Location: https://dev.live.com/livedata/sdk/delauth-handler.aspx
Line Number 1, Column 1:

Happens after you grant access, then go back and deny access, then go to allow access again.

Windows Live does not allow information to be shared with this type of request

Fri, 13 Jun 2008 10:16:02 Z

If you're not coming over SSL, are you sending an app-verifier-parameter? See the docs for more information about this

Windows Live does not allow information to be shared with this type of request

Fri, 13 Jun 2008 14:18:10 Z

As far as I know I am, but I'm not doing anything explicitly. Maybe this will help. My web.config looks like this:

Code Snippet

Then to get the consent link I'm calling ConsentUrl = wll.GetConsentUrl(Offers); just as it's done in the sample. App verifier is set to 0 in Application Management.

If you could point me to exactly where in the documentation sending an app verifier parameter is discussed, I'd appreciate it.

Windows Live does not allow information to be shared with this type of request

Sat, 14 Jun 2008 19:46:27 Z

Take a look at Requesting Consent (Delegated Authentication) on MSDN, it's discussed there at the app-parameter.

Windows Live does not allow information to be shared with this type of request

Mon, 16 Jun 2008 14:31:34 Z

The error occurs before reaching the consent interface.

Windows Live does not allow information to be shared with this type of request

Mon, 16 Jun 2008 23:29:46 Z

Could you give us the error number, by looking at the address bar when it occurs? There should be something like '&ErrorCode=XXXX' where XXXX are 4 numbers.

Windows Live does not allow information to be shared with this type of request

Mon, 16 Jun 2008 23:32:34 Z

Can you post a sample of the URL that get's constructed?

Windows Live does not allow information to be shared with this type of request

Tue, 17 Jun 2008 15:52:47 Z

http://test.ggwdev.com/default.aspx is the url in question.

3006 is the error code.

Different things happen based on who I'm currently signed in as too. It's hard to explain because it's so inconsistent.

Thanks for taking a look,

Eric

Windows Live does not allow information to be shared with this type of request

Tue, 17 Jun 2008 19:56:45 Z

Errorcode 3006:

3006

Consent Service API failed in the <method name> method. The application ID in the verifier does not match the DNS name.

The DNS Name retrieved for this application ID does not match the one in the application verifier.

So check your settings

Windows Live does not allow information to be shared with this type of request

Thu, 19 Jun 2008 19:11:38 Z

Care to be more specific Alex?

Look, here is everything I have (values were copied + pasted into account manager and vice versa so there are no typos):

Code Snippet

Code Snippet

protected string ConsentUrl;

static WindowsLiveLogin wll = new WindowsLiveLogin(true);

protected WindowsLiveLogin.ConsentToken Token;

const string Offers = "Contacts.View";

const string AuthCookie = "delauthtoken";

protected void Page_Load(object sender, EventArgs e)

{

//Get the consent URL for the specified offers.

ConsentUrl = wll.GetConsentUrl(Offers);

HttpRequest req = HttpContext.Current.Request;

HttpCookie authCookie = req.Cookies[AuthCookie];

// If the raw consent token has been cached in a site cookie, attempt to

// process it and extract the consent token.

if (authCookie != null)

{

string t = authCookie.Value;

Token = wll.ProcessConsentToken(t);

if ((Token != null) && !Token.IsValid())

{

Token = null;

}

Code Snippet

<a href="">Login to Windows Live</< FONT>a>

Code Snippet

public partial class HandlerPage : System.Web.UI.Page

{

const string MainPage = "default.aspx";

const string AuthCookie = "delauthtoken";

static DateTime ExpireCookie = DateTime.Now.AddYears(-10);

static DateTime PersistCookie = DateTime.Now.AddYears(10);

// Initialize the WindowsLiveLogin module.

static WindowsLiveLogin wll = new WindowsLiveLogin(true);

protected void Page_Load(object sender, EventArgs e)

{

HttpRequest req = HttpContext.Current.Request;

HttpResponse res = HttpContext.Current.Response;

// Extract the 'action' parameter, if any, from the request.

string action = req["action"];

if (action == "delauth")

{

//Attempt to extract the consent token from the response.

WindowsLiveLogin.ConsentToken token = wll.ProcessConsent(req.Form);

Session["ConsentToken"] = token;

HttpCookie authCookie = new HttpCookie(AuthCookie);

// If a consent token is found, store it in the cookie and then

// redirect to the main page.

if (token != null)

{

authCookie.Value = token.Token;

authCookie.Expires = PersistCookie;

}

else

{

authCookie.Expires = ExpireCookie;

}

res.Cookies.Add(authCookie);

res.Redirect(MainPage);

res.End();

}

else

{

res.Redirect(MainPage);

res.End();

}

Windows Live does not allow information to be shared with this type of request

Sat, 21 Jun 2008 04:08:23 Z

You need to check that the values in web.config match those at http://msm.live.com/app

Specifically, for AppID = 00167FFE8000F9CD the registered return URL must be http://test.ggwdev.com/delauth-handler.aspx the registered domain must be test.ggwdev.com and the shared secret key must be the same as in your config file.

Note: We don't recommend posting secret key value details in public forums. You may want to reset yours ;-)

Windows Live does not allow information to be shared with this type of request

Mon, 23 Jun 2008 13:49:08 Z

Thanks Jorgen, getting closer. However, when I try to put in a registered domain, I receive the following error:

The application domain cannot be added to the application because it already exists

I wouldn't post the key value if I was using an actual account (this one is for testing purposes only). I'll kill it once this issue is resolved.

Windows Live does not allow information to be shared with this type of request

Mon, 23 Jun 2008 19:31:08 Z

You can't add it in an existing application, you need to register a new one...

Windows Live does not allow information to be shared with this type of request

Tue, 24 Jun 2008 13:22:14 Z

I get the same error message when creating a new application.

Windows Live does not allow information to be shared with this type of request

Tue, 24 Jun 2008 13:44:27 Z

In that case, you have already entered the domain name when registering another application. Check your other applications, if you can't find it, contact Jorgen Thelin about this. (jthelin....at....nospam....microsoft....com)

Windows Live does not allow information to be shared with this type of request

Tue, 24 Jun 2008 14:27:48 Z

Yeah, I don't have any other applications. Thanks for helping Alex.

Windows Live does not allow information to be shared with this type of request

Fri, 27 Jun 2008 13:33:00 Z

Haven't received a response from Jorgen. I think it's time to scratch hotmail/live from this project as too much time has gone into getting the basics to work. Google's contacts data api with AuthSub and a x.509 cert was much easier to get working than registering an application with windows live, as was Yahoo. lol

Windows Live does not allow information to be shared with this type of request

Fri, 27 Jun 2008 22:08:43 Z

Jumping in here as I'm having a similar issue. The Delegated Authentication API seems to want the host in the return URL to match exactly the one specified in the application's registration. We're trying to test this across multiple installations with different hostnames as we move from dev to qa to live, so we initially registered the application with the broad domain.com domain name.

Authenticating from test.domain.com yields the 3006 error. No problem, it apparently wants an exact match on the host. So, let's go back and change our existing application, setting it to test.domain.com for now. That yields this error:

The Domain name should match the domain name specified in Return URL.

No problem, let's just change the return URL so that it's also test.domain.com. Wrong again...

The domain in the Return URL can not be changed once an Application has been created. Please register a new Application.

OK, makes sense I guess. Let's just create a new application with the more specific test.domain.com in both our return URL and domain name.

The application domain cannot be added to the application because it already exists.

Hmm...so as far as the system is concerned, test.domain.com and domain.com are the same?!? OK, let's delete this application and start over. For now, we'll just use the test server's information so we can get on with the testing. Delete application, register a new one using test.domain.com.

The application domain cannot be added to the application because it already exists.

What's the preferred setup for clients who actually want to test this on multiple hosts in the same domain? I understand creating a new application with a "dummy" host for dev purposes (mydevhost.myfakedomain.com using the hosts file), but how about when you're moving the application to hosts that are on your "live" domain (qa.domain.com, staging.domain.com)?

Ideally, we'd be able to register a single application that woks for all hosts beneath domain.com. Second best, we have to register multiple applications, and we just send the appropriate return URL based on the host. Hopefully ewallace and I are missing something simple, but what's above seems to suggest that neither of these routes are possible.

Thanks in advance for any help.

Ben

Windows Live does not allow information to be shared with this type of request

Mon, 30 Jun 2008 23:56:01 Z

We're sorting this out direct with Eric.

Windows Live does not allow information to be shared with this type of request

Tue, 01 Jul 2008 00:03:37 Z

Ben,

Can you send me all the relevant AppIDs and host/domain names that you are trying to get working, and we can try to clean everything back up to a clean slate and get you working.

FYI, this stuff is caused by a wierd quirk (some would say "bug", but the developer argues otherwise ;-) in the way delegation requests work from return URLs that have not been seen before.

A fix is heading into Production in a few weeks time with our next major release, and which should solve almost all the "domain already exists" errors people have been hitting.

- Jorgen

Windows Live does not allow information to be shared with this type of request

Tue, 15 Jul 2008 21:58:33 Z

Any news on when the fix is going into production?

Windows Live does not allow information to be shared with this type of request

Wed, 16 Jul 2008 11:22:55 Z

I'm not sure, but don't give up hope just yet - the Live ID team ships about twice a year, as far as I know they're going to release version 6.0 soon.

Windows Live does not allow information to be shared with this type of request

Thu, 17 Jul 2008 11:09:36 Z

Hi,

I believe I'm also facing a similar issue here ..

I tried the Windows Live Contacts (Delegated Authentication) Sample 1 (http://msdn.microsoft.com/en-us/library/cc287649.aspx)

The steps I followed:

Hosted the sample website on a machine named "HostMachine".

Registered an application with Windows Live.
Modified the web.config correctly with the application Id, return Url etc.
Launched IE with http://HostMachine/default.aspx
I see the page with a "Click Here" link.
The link takes me to a WL sign-in page.
I entered my credentials and then this is what I see.. (below).

Allow Access to HostMachine

There's a problem sharing your information with HostMachine. Please try again later.

View the information you're currently sharing

Is there anything I'm missing.. maybe something very basic?

Please help me .. I'm totally out of ideas!

FYI:

Below are the contents of my web.config:

Code Snippet

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
    <system.web>
        <compilation debug="true" />
        <customErrors mode="Off" />
    </system.web>

Thanks,

Tanuj

Windows Live does not allow information to be shared with this type of request

Thu, 17 Jul 2008 23:25:06 Z

You need to edit the config file to replace HostMachine with the fully qualified DNS name of the machine you are hosting the sample app on.

http://msdn.microsoft.com/en-us/library/cc287649.aspx

Windows Live does not allow information to be shared with this type of request

Fri, 25 Jul 2008 19:28:23 Z

Hoping to hear something soon. Project is going live in one week.