+1-888-365-2779
Try Now
More in this section

Forums / Developing with Sitefinity / Issue Signing in with Azure AD using HTTPS

Issue Signing in with Azure AD using HTTPS

4 posts, 1 answered
  1. bryber
    bryber avatar
    2 posts
    Registered:
    20 Apr 2015
    03 Nov 2015
    Link to this post

    I'm getting the following error when I try to sign in using Azure Active Directory as my external sts, using https.

    This is happening during the custom Authentication Handler which extends the SecurityTokenServiceHttpHandler, after it successfully authenticates the token returned from Azure AD, and moves onto the Sitefinity ProcessRequest method.

    Error line of code: base.ProcessRequest(context);

    [HttpException (0x80004005): Access denied] Telerik.Sitefinity.Security.Claims.SecurityTokenServiceHttpHandler.ValidateRequestSource(HttpContextBase context) +570 Telerik.Sitefinity.Security.Claims.SecurityTokenServiceHttpHandler.ProcessRequest(HttpContextBase context) +889

     

    The weird thing is that if i just hit the same page again, it processes through the request fine, and logs in the user. Also, I don't get this error when it returns to the non HTTPS version of the SWT (http://localhost/Sitefinity/Authenticate/SWT)

    Thank you.

    Answered
  2. bryber
    bryber avatar
    2 posts
    Registered:
    20 Apr 2015
    29 Apr in reply to bryber
    Link to this post

    Just in case anyone stumbles across this and has the same issue.  I have found a workaround.  It looks like the reason this happens is that the ProcessRequest function in the base SecurityTokenServiceHttpHandler doesn't like when the Request.Headers["Referer"] is an external HTTPS address.

    So, before I call the base.ProccessRequest(context) I change that header value to the SWT url using:

    context.Request.Headers["Referer"] = "<Domain>/Sitefinity/Authenticate/SWT";

  3. Benjamin
    Benjamin avatar
    2 posts
    Registered:
    09 Oct 2015
    01 Jun in reply to bryber
    Link to this post
    bryber. I owe you a beer. Kept on getting that error in Opera / Incognito Chrome and couldnt figure it out. Adding the Referer resolved my issue.
  4. Bryan
    Bryan avatar
    1 posts
    Registered:
    20 Apr 2015
    01 Jun in reply to Benjamin
    Link to this post

    Glad I could help!  Also I found that it didn't work in Safari, however adding the following in addition to the "Referer" line fixed it:

    context.Request.Headers["Origin"] = "<Domain>/Sitefinity/Authenticate/SWT";

4 posts, 1 answered