locked
Visual Studio 2010 - Add STS Reference - FedUtil - "Access is denied"

    Question

  • I am using Visual Studio 2010 Beta on Windows 7 and have installed WIF SDK.

    I have tried to run the Add STS Reference wizard (FedUtil) but I get an error message (Access is denied) during the creation of a new STS Web Site.

    I can browse the new STS Web Site and get a login page, but pressing submit gets the following error back: The action '<EMPTY>' (Request.QueryString['wa']) is unexpected. Expected actions are: 'wsignin1.0' or 'wsignout1.0'.

    Any ideas?
    Cheers Harry
    Monday, November 23, 2009 7:22 AM

Answers

  • Hi,

      You need to set your Claims aware website as the start up project, instead of the STS when pressing F5 in Visual Studio. What happened here is that you browsed to the STS directly, without visiting the website first. However, visiting the website was necessary as that initial visit triggers a message to be built and sent to the STS as part of a http redirect. The error you are seeing is the STS not able to find the message needed to process a request.

    Thanks,

    Daniel


    Daniel Wu
    • Marked as answer by Harry Pfleger Tuesday, November 24, 2009 6:45 AM
    Tuesday, November 24, 2009 12:14 AM
  • FedUtil requires VS to be run as administrator.

    Can you confirm if this issue continues to show up when VS is elevated?
    • Marked as answer by Harry Pfleger Tuesday, November 24, 2009 6:45 AM
    Monday, November 23, 2009 8:50 PM
    Moderator
  • Thankx Daniel

    I followed your step and I did get the following message:

    A potentially dangerous Request.Form value was detected from the client (wresult="<trust:RequestSecuri...").

    After adding the following in web.config to <system.web>

        <httpRuntime requestValidationMode="2.0" />
        <pages validateRequest="false" />

    it is working now!
    Thankx for the Support, cheers Harry
    • Marked as answer by Harry Pfleger Tuesday, November 24, 2009 6:47 AM
    Tuesday, November 24, 2009 6:45 AM

All replies

  • FedUtil requires VS to be run as administrator.

    Can you confirm if this issue continues to show up when VS is elevated?
    • Marked as answer by Harry Pfleger Tuesday, November 24, 2009 6:45 AM
    Monday, November 23, 2009 8:50 PM
    Moderator
  • I did not run as admistrator. So now I did and I do not get the Access is denied message box, but I still get:

    The action '<EMPTY>' (Request.QueryString['wa']) is unexpected. Expected actions are: 'wsignin1.0' or 'wsignout1.0'.

    [InvalidOperationException: The action '<EMPTY>' (Request.QueryString['wa']) is unexpected. Expected actions are: 'wsignin1.0' or 'wsignout1.0'.]
       _Default.Page_PreRender(Object sender, EventArgs e) in c:\...\BusinessApplication1\BusinessApplication1.Web_STS\Default.aspx.cs:58

    Any ideas here?

    Monday, November 23, 2009 11:31 PM
  • Hi,

      You need to set your Claims aware website as the start up project, instead of the STS when pressing F5 in Visual Studio. What happened here is that you browsed to the STS directly, without visiting the website first. However, visiting the website was necessary as that initial visit triggers a message to be built and sent to the STS as part of a http redirect. The error you are seeing is the STS not able to find the message needed to process a request.

    Thanks,

    Daniel


    Daniel Wu
    • Marked as answer by Harry Pfleger Tuesday, November 24, 2009 6:45 AM
    Tuesday, November 24, 2009 12:14 AM
  • Thankx Daniel

    I followed your step and I did get the following message:

    A potentially dangerous Request.Form value was detected from the client (wresult="<trust:RequestSecuri...").

    After adding the following in web.config to <system.web>

        <httpRuntime requestValidationMode="2.0" />
        <pages validateRequest="false" />

    it is working now!
    Thankx for the Support, cheers Harry
    • Marked as answer by Harry Pfleger Tuesday, November 24, 2009 6:47 AM
    Tuesday, November 24, 2009 6:45 AM
  • I am using Visual Studio 2008 template to create STSWebSite and ClaimsAwareWebSite

    I went to the ClaimsAwareWebSite and then it is redirecting to STSWebSite and when I click submit on the login page, I am getting the below error

     

    Server Error in '/STSWebSite' Application.

    The action '<EMPTY>' (Request.QueryString['wa']) is unexpected. Expected actions are: 'wsignin1.0' or 'wsignout1.0'.

    Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

    Exception Details: System.InvalidOperationException: The action '<EMPTY>' (Request.QueryString['wa']) is unexpected. Expected actions are: 'wsignin1.0' or 'wsignout1.0'.

    Source Error:

    Line 65:                                    WSFederationConstants.Actions.SignOut ) );
    Line 66:             }
    Line 67:         }
    Line 68:         catch ( Exception exception )
    Line 69:         {

    Source File: c:\inetpub\wwwroot\STSWebSite\Default.aspx.cs    Line: 67

    Stack Trace:

    [InvalidOperationException: The action '<EMPTY>' (Request.QueryString['wa']) is unexpected. Expected actions are: 'wsignin1.0' or 'wsignout1.0'.]
       _Default.Page_PreRender(Object sender, EventArgs e) in c:\inetpub\wwwroot\STSWebSite\Default.aspx.cs:67
    
    [Exception: An unexpected error occurred when processing the request. See inner exception for details.]
       _Default.Page_PreRender(Object sender, EventArgs e) in c:\inetpub\wwwroot\STSWebSite\Default.aspx.cs:72
       System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o, Object t, EventArgs e) +25
       System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender, EventArgs e) +42
       System.Web.UI.Control.OnPreRender(EventArgs e) +11025518
       System.Web.UI.Control.PreRenderRecursiveInternal() +108
       System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint
    Thursday, March 18, 2010 1:47 PM
  • You need to set your Claims aware website as the start up project, instead of the STS when pressing F5 in Visual Studio. What happened here is that you browsed to the STS directly, without visiting the website first. However, visiting the website was necessary as that initial visit triggers a message to be built and sent to the STS as part of a http redirect. The error you are seeing is the STS not able to find the message needed to process a request.
    Jitendra Singh Sr. Engineer
    Tuesday, November 30, 2010 3:50 AM
  • Hi SSurapan

    You can add the following code in the "Page_PreRender" method

        if (string.IsNullOrEmpty(action))
        {
          return;
        }
    

    just beneath this line

    string action = Request.QueryString[WSFederationConstants.Parameters.Action];
    

    • Proposed as answer by StevenD007 Thursday, February 24, 2011 11:38 AM
    Thursday, February 24, 2011 11:30 AM
  • Thankx Daniel

    I followed your step and I did get the following message:

    A potentially dangerous Request.Form value was detected from the client (wresult="<trust:RequestSecuri...").

    After adding the following in web.config to <system.web>

    <httpRuntime requestValidationMode="2.0" />
    <pages validateRequest="false" />

    it is working now!
    Thankx for the Support, cheers Harry

     

    That's right but you don't have to disable request validation.
        <pages validateRequest="false" /> // can be true

     


    Monday, January 16, 2012 9:30 AM