none
TFS.authenticate();

    Question

  • Hello all!

    I'm creating a simple .aspx page that connects to TFS and display the list of bugs in a GridView.
    When working locally from inside my IDE it works. When I debug and step into it all works well.

    Now I've decided to Publish my web site, still locally on my machine, I created a folder and then publish my web site to that newly created folder. Then I created a virtual directory that points to that folder and tried to run it but it fails.

    I've attached to aspnet_wp.exe process to see what goes on and realized that from inside the IDE I did not need to impersonate but once deployed, even locally on my machine, I needed to add an instruction in the web.config in order to impersonate. The actual line is:

    <
    identity impersonate="true" userName="domainename\user" password="12345"/>

    Then I opened IIS and browsed my virtual Directory and attached to process from my IDE to see what goes on and the tfs.Authenticate(); line of code seems to now work.

    NOTE: Keep in mind that I've been looking at the Work Item Object Model Sample from the extensibility kit provided and basically copied the exact same thing. The code I have is the following:

    TeamFoundationServer tfs = TeamFoundationServerFactory.GetServer(DomainName);

    // For debugging only, to see what's the userName that is Authenticated
    string
    tfsUser = tfs.AuthenticatedUserName;

    tfs.Authenticate();

    WorkItemStore store = (WorkItemStore)tfs.GetService(typeof(WorkItemStore));

    // Check if we have any projects
    if (store.Projects.Count <= 0)
    {
    return null;}

    ....more code.....

    The error I get now is the following which I honestly do not understand...
    In order to pinpoint the problem, I've tried it in debug mode(hitting F5) and it worked so its definitely a security issue.

    What am I missing?
    I've done the impersonating thing...what do I need in addition to impersonate?

    Many thanks to anyone that can help!
    Sincerely

    Vince

    Access is denied.
    (Windows)
    Could not create metadata cache directory '혨|'. (Currituck Metadata Cache)
    Could not open file '|'. (Currituck Metadata Cache)
    Access is denied.
    (Windows)
    Could not create metadata cache directory '혨|'. (Currituck Metadata Cache)
    Could not open file '|'. (Currituck Metadata Cache)
    Could not initialize metadata cache for product '໴'. (Currituck Metadata Cache)
    Unspecified error
    (Windows)
    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: Microsoft.TeamFoundation.WorkItemTracking.Client.ClientException:
    Access is denied.
    (Windows)
    Could not create metadata cache directory '혨|'. (Currituck Metadata Cache)
    Could not open file '|'. (Currituck Metadata Cache)
    Access is denied.
    (Windows)
    Could not create metadata cache directory '혨|'. (Currituck Metadata Cache)
    Could not open file '|'. (Currituck Metadata Cache)
    Could not initialize metadata cache for product '໴'. (Currituck Metadata Cache)
    Unspecified error
    (Windows)

    Source Error:

    Line 40: 				tfs.Authenticate(); 
    Line 41: 
    Line 42: 				WorkItemStore store = (WorkItemStore)tfs.GetService(typeof(WorkItemStore));
    Line 43: 
    Line 44: 				// Check if we have any projects


    Wednesday, March 08, 2006 2:48 PM

Answers

  • Hi,

    The issue is that the account does not have access to the folder in which the work item cache is stored. You can correct this by:

    1. Specifying where the work item cache is to be stored in your web.config under the <appSettings> node:

    <add key="WorkItemTrackingCacheRoot" value="<newfolder>" />

    2. Granting read / write permissions to the folder to your service account.

    For more information see:

    http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=278439&SiteID=1

    Cheers

    Wednesday, March 08, 2006 5:24 PM

All replies

  • Hi,

    The issue is that the account does not have access to the folder in which the work item cache is stored. You can correct this by:

    1. Specifying where the work item cache is to be stored in your web.config under the <appSettings> node:

    <add key="WorkItemTrackingCacheRoot" value="<newfolder>" />

    2. Granting read / write permissions to the folder to your service account.

    For more information see:

    http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=278439&SiteID=1

    Cheers

    Wednesday, March 08, 2006 5:24 PM
  • Thanks Chandru, the information and the link did help me understand a few things unfortunately, things aren't working as intended.

    After spending 4 days to figure the problem, I'm still grasping at straws here...

    When debugging locally and when deployed to my local machine, I can login perfectly and everything works.

    When the application is deployed on a server the app returns a:
    System.NullReferenceException: Object reference not set to an instance of an object.

    at that current line:
    WorkItemStore store = (WorkItemStore)tfs.GetService(typeof(WorkItemStore));

    Now I know this is a security/permission issue but which one and how to fix it is my concern.

    I have tried to place in my web.config file this instruction:
    <add key="WorkItemTrackingCacheRoot" value="C:\inetpub\wwwroot\FolderForCache" />

    I've manually created that "FolderForCache" folder in the above path on the Server.
    Then I though I set the client cache directory programatically but found out that it was only a get not a set.

    On the server, I've created a Virutal Directory then I created a new application pool in which I've changed the Identity to "Configurable" then added my username and password knowing that I have admin rights to access the TFS server(which is another server of ours).

    So the Application Pool runs under my credentials, the Virtual Directory runs under Anonymous access (since we want everyone to access the web site)

    Also, since I'm doing the following:
    NetworkCredential networkCredential = new NetworkCredential(TfsUserName, TfsPassword, TfsDomainName);
    ICredentials credential = (ICredentials)networkCredential;
    TeamFoundationServer tfs = TeamFoundationServerFactory.GetServer(DomainName, credential);

    I have set the values in bold inside my web.config file. The credential used are my username, password and domain name that have admin rights on the TFS Server.

    I've install remote debugging on the server in order to attach to process even if I know the error is permission related but when attaching to process, I was getting a symbol error so I couldn't trace/debugg since while deploying, the .pdf files are not being sent.

    BTW, and that's another question of mine, while creating a web application and building in Debug mode, why don't we get the .pdf files? If I wish to deploy to let's say...another server and then attach to process, I won't be able because of the pdf not being sent. What's the workaround?

    Anyway...back to the object reference issue...

    So then I decided to trace my web application inserting some trace that writes to a log file. Kinda like printf or Response.Write's in classic ASP.
    That's how I figured out that the problem was this line:
    WorkItemStore store = (WorkItemStore)tfs.GetService(typeof(WorkItemStore));

    While tracing I also traced the tfs.ClientCacheDirectoryForInstance to see where was it storing it.
    and the value was:
    C:\Documents and Settings\Default User\Local Settings\Application Data\Microsoft\Team Foundation\1.0\Cache\85a09588-6386-471d-8f16-a790ad06eae1

    So I went to that Folder and added my user and gave myself Full Control. Still no success!
    So I went above that and directly added myself to the Documents and Settings with Full Control.

    After all, the application pool runs under my username so it shouldn't have any problems checking the cache folders right?

    Perhaps I'm missing or overlooking something loll...I'm this close to give the "Everyone" Full Control to see what happens...

    Oh and I also added my user to the IIS_WPG group *and* the Administrator group.

    I also logged in that server with my username/password to create a profile on the server

    Thanks in advance for any help on this ussue!

    Vince

     



     

     




     

    Friday, March 10, 2006 3:11 PM
  • Vince, would you post the stack trace for the null reference exception?  That would likely help get to the bottom of this.

    Buck

    Thursday, March 16, 2006 5:05 AM
    Moderator
  • I did the same and I still have an exception:

    w3wp.exe Error: 0 : Thread was being aborted.
        DateTime=2007-01-30T13:18:38.0416145Z
    w3wp.exe Error: 0 :    at CPsMetadataMemoryStcImpl.FUpdateMemoryStc(CPsMetadataMemoryStcImpl* , UInt64 ullCurrentCachestamp, UInt64 ullStartPos, UInt64 ullUntilPos, Boolean fScanExisting)
       at ?FInit@CPsMetadataMemoryStcImpl@@$$FQAE_NW4PsMetadataTypeInternal@@PAVCPsMetadataCache@@PBUPsCacheHeader@@K@Z(CPsMetadataMemoryStcImpl* , Int32 eMetadataType, CPsMetadataCache* pCache, PsCacheHeader* pHeader, UInt32 dwFlags)
       at ?HrCreateInstance@?$CPsLookupRelationMetadata@VCPsLookupConstantSetParentMetadata@@UIPsLookupConstantSetRelationMetadata@@UIPsEnumConstantSetMetadata@@UIPsEnumConstantSetRelationMetadata@@UPsConstantSetParentRelation@@UPsConstantSetMetadataRecord@@UPsConstantSetRelationMetadataRecord@@UPsCacheConstantSetRecord@@@@$$FSAJW4PsMetadataTypeInternal@@PAVCPsMetadataCache@@PBUPsCacheHeader@@KPAPAUIUnknown@@@Z(Int32 eMetadataType, CPsMetadataCache* pCache, PsCacheHeader* pHeader, UInt32 dwFlags, IUnknown** ppUnk)
       at ?HrCreateLookupByFn@CPsMetadataCacheMemoryStcPool@@$$FAAEJP6AJW4PsMetadataTypeInternal@@PAVCPsMetadataCache@@PBUPsCacheHeader@@KPAPAUIUnknown@@@ZIIPAUPsMetadataCachedLookupTables@@PAU4@K3@Z(CPsMetadataCacheMemoryStcPool* , IntPtr pfnCreator, UInt32 iLookupType, UInt32 iInternalStcType, PsMetadataCachedLookupTables* pTables, PsCacheHeader* pHeader, UInt32 dwFlags, IUnknown** ppLookup)
       at CPsMetadataCacheMemoryStcPool.HrCreateConstantSetParentLookup(CPsMetadataCacheMemoryStcPool* , PsMetadataCachedLookupTables* pTables, PsCacheHeader* prgHeaders, UInt32 dwFlags, IUnknown** ppLookup)
       at CPsMetadataCacheSession.HrCreateSpecialLookup(CPsMetadataCacheSession* , $PTMType$P8CPsMetadataCacheMemoryStcPool@@AEJPAUPsMetadataCachedLookupTables@@PAUPsCacheHeader@@KPAPAUIUnknown@@@Z pfnCreator, UInt32 dwFlags, IUnknown** ppLookup)
       at CPsMetadataCacheSession.HrCreateConstantSetParentLookup(CPsMetadataCacheSession* , UInt32 dwFlags, IUnknown** ppLookup)
       at CPsCacheConstantParentLookupCreator.HrCreate(IPsMetadataReadFactory* pFactory, PsMetadataTypeMask eType, UInt32 dwFlags, IUnknown** ppUnk)
       at CPsCacheWrapper.HrCreatePrimitive<struct CPsCacheConstantParentLookupCreator,struct IPsLookupConstantSetRelationMetadata>(CPsCacheWrapper* , PsMetadataTypeMask eType, IPsLookupConstantSetRelationMetadata** ppIntf, UInt32 dwFlags)
       at CPsBusinessRuleEngine.HrBuildAccessToken(CPsBusinessRuleEngine* , Int32 fUseSidSecurity, Char* pszNamePart, Char* pszSid, IUnknown** ppUnkToken)
       at CCacheManager.HrSetIdentity(CCacheManager* , Char* bstrUserAccountName, Char* bstrUserFriendlyName, Char* bstrUserSid, PsUserDisplayModeEnum displayMode, Boolean fUseSidSecurity)
       at CProdStudioDataStore.HrRefreshCache(CProdStudioDataStore* , Boolean fResynchOnly, Boolean bInit, Boolean fNoFire, Boolean fByPassFireOnThis, Int32 hCredentials, Char* bstrUserAccountName, Char* bstrUserFriendlyName, Char* bstrUserSid)
       at CProdStudioDataStore.ConnectEx(CProdStudioDataStore* , Char* bstrUrl, Int32 hCredentials, Char* bstrDefaultCachePath, Char* bstrInstanceId, Char* bstrUserAccountName, Char* bstrUserFriendlyName, Char* bstrUserSid)
       at Microsoft.TeamFoundation.WorkItemTracking.Client.DataStore.DatastoreClass.ConnectEx(String connectionString, Int32 hCredentials, String defaultCachePath, String instanceId, String userSamName, String userFriendlyName, String userSid)
       at Microsoft.TeamFoundation.WorkItemTracking.Client.WorkItemStore.InitializeInternal()
       at Microsoft.TeamFoundation.WorkItemTracking.Client.WorkItemStore.Microsoft.TeamFoundation.Client.ITeamFoundationServerObject.Initialize(TeamFoundationServer teamFoundationServer)
       at Microsoft.TeamFoundation.WorkItemTracking.Client.WorkItemStore..ctor(TeamFoundationServer teamFoundationServer)

    Tuesday, January 30, 2007 1:23 PM
  • I ran into the same issue recently.  I fixed it by installing the Team Explorer on th server box and connecting it to the TFS Server.

     

    Thursday, November 08, 2007 10:45 PM
  • I ran into the same issue recently.  I fixed it by installing the Team Explorer on th server box and connecting it to the TFS Server.

     


    Installation of Team Explorer on the web server solved the issue for me as well. 
    Thursday, December 10, 2009 6:24 PM