Tuesday, March 31, 2015

Visual Studio : Missing metadata

Out of the blue, starting getting:

Metadata file '...\abc\xyz.dll' could not be found

Look in the folder - there it is - WTF?

Mr. Google and figured out that something had changed in my build order.

To get the build order, right click the solution - "Project Build Order".

Then build all the dll first and then the projects that consume the .dll.

You can do this by playing around with the dependencies.


Friday, March 13, 2015

ASP.NET : Could not load file or assembly

For example:

"Could not load file or assembly System.Web.Http.WebHost, Version=".

Came to work one morning, built my system, WTF, error as above.

All worked perfectly when I left the day before.

There had been a Windows Update during the night and obviously some dll's had been updated - so much for backward compatibility.

Problem was - I couldn't figure out who was calling this dll and hence where the reference / binding was

Mr. Google and came across this Scott Hansleman post:

Back to Basics: Using Fusion Log Viewer to Debug Obscure Loader Errors

I'm using VS 2013 and Windows 8.1.

So go to:

C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Tools\Shortcuts

This is the shortcut to the VS Command Line Tool - "Developer Command Prompt for VS2013".

In the command line - fuslogvw.exe - run as Administrator.

In Settings - "Log bind failures to disk" / "Enable custom log path". Type in path - make sure the path exists.

Restart IIS.

Navigate to your web site - get the error - back to the tool - click "Refresh" - BOOM.

You will also notice that the text on the ASP.NET error page is different - it doesn't talk about the regedit change.

To repeat - if you use the tool you don't have to screw around with registry settings.

When you are done, remember to disable the log via the tool as it slows everything down.


Wednesday, March 11, 2015

WIF : WIF10201: No valid key mapping

The full error is:

WIF10201: No valid key mapping found for securityToken: 'System.IdentityModel.Tokens.X509SecurityToken' and issuer: 'http://xxx/adfs/services/trust'.

This is with ADFS 3.0 and the base VS 2013 with ASP.NET MVC.

Long discussion with Mr. Google - many entries, many explanations - "remove the trailing slash" , blah, blah, the most bizarre was "This is because WIF doesn't support SAML".

Yes - that statement's true but WTF does it have to do with the problem?

Google quality is getting exponentially worse and worse.

I knew this error rang a bell and after some quite reflection I remembered why. Vittorio had mentioned it:

His article didn't apply in my case because I get the error straight away - the home page doesn't display so there's no "Sign up for this application" link.

The article goes on to say that this "issue will be fixed soon".

So I took a punt and upgraded to VS 2013 Update 4.

Created a new project - problem solved.


Friday, March 06, 2015

ADFS : Legacy IE, legacy OS and ADFS 3.0

This is the ADFS that runs on Server 2012 R2.

Been busy with a project that has some legacy components.

Firstly - XP.

No longer supported and full of security holes. In particular, it does not support SNI (Server Name Indication).

To get ADFS 3.0 to work, refer:

How to support non-SNI capable Clients with Web Application Proxy and AD FS 2012 R2

ADFS 3.0 login failing from IE8

IE8 is the last incantation of IE on XP.

If you use a later OS e.g. Windows 7 and you play in the identity space with federation and lots of redirects, you may find IE 8 reporting "Internet Explorer cannot display the webpage".

This is because IE 8 has a redirect limit of 10 which is fine for a normal web site but not fine for the SSO browser profile which is based on redirects i.e.

User --> Application --> IDP1 --> IDP2 --> IDP 3 etc and then the rollback all the way down.

If the application is SharePoint, that alone has 3 to 4 redirects.

There is a "fix" but it involves regedit which is per machine and not something suitable for the average user,

Far better to upgrade IE or use another browser.