Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • James Kjeldsen 1 post 50 karma points
    Aug 19, 2014 @ 20:41
    James Kjeldsen
    0

    Blank Screen Logging into BackOffice after adding FederatedAuthentication Module

    Appologies up front as I'm sure I will leave out some details - Please let me know if any other info is needed.

    We have installed a new instance of umbraco 7.1.4 into our dev environment.  The umbraco site, our custom controls, and backoffice (logging in against our internal AD accounts) all work fine until we add in the FederatedAuthentication module.  Then the sso on the site works correctly, but when logging into backoffice - we get a blank white screen with js errors:

    Here is our web.config sections related to security and modules:

    <?xml version="1.0" encoding="utf-8"?>
    <configuration>
      <configSections>
        <section name="urlrewritingnet" restartOnExternalChanges="true" requirePermission="false" type="UrlRewritingNet.Configuration.UrlRewriteSection, UrlRewritingNet.UrlRewriter" />
        <section name="clientDependency" type="ClientDependency.Core.Config.ClientDependencySection, ClientDependency.Core" requirePermission="false" />
        <section name="Examine" type="Examine.Config.ExamineSettings, Examine" requirePermission="false" />
        <section name="ExamineLuceneIndexSets" type="Examine.LuceneEngine.Config.IndexSets, Examine" requirePermission="false" />
        <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler, log4net" requirePermission="false" />
        <section name="microsoft.identityModel" type="Microsoft.IdentityModel.Configuration.MicrosoftIdentityModelSection, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" requirePermission="false" />
        <section name="microsoft.scripting" type="Microsoft.Scripting.Hosting.Configuration.Section, Microsoft.Scripting, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" requirePermission="false" />
        <sectionGroup name="umbracoConfiguration">
          <section name="settings" type="Umbraco.Core.Configuration.UmbracoSettings.UmbracoSettingsSection, Umbraco.Core" requirePermission="false" />
          <section name="BaseRestExtensions" type="Umbraco.Core.Configuration.BaseRest.BaseRestSection, Umbraco.Core" requirePermission="false" />
          <section name="FileSystemProviders" type="Umbraco.Core.Configuration.FileSystemProvidersSection, Umbraco.Core" requirePermission="false" />
          <section name="dashBoard" type="Umbraco.Core.Configuration.Dashboard.DashboardSection, Umbraco.Core" requirePermission="false" />
        </sectionGroup>
        <sectionGroup name="system.web.webPages.razor" type="System.Web.WebPages.Razor.Configuration.RazorWebSectionGroup, System.Web.WebPages.Razor, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35">
          <section name="host" type="System.Web.WebPages.Razor.Configuration.HostSection, System.Web.WebPages.Razor, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" />
          <section name="pages" type="System.Web.WebPages.Razor.Configuration.RazorPagesSection, System.Web.WebPages.Razor, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" requirePermission="false" />
        </sectionGroup>
      </configSections>
      <umbracoConfiguration>
        <settings configSource="config\umbracoSettings.config" />
        <BaseRestExtensions configSource="config\BaseRestExtensions.config" />
        <FileSystemProviders configSource="config\FileSystemProviders.config" />
        <dashBoard configSource="config\Dashboard.config" />
      </umbracoConfiguration>
      <urlrewritingnet configSource="config\UrlRewriting.config" />
      <microsoft.scripting configSource="config\scripting.config" />
      <clientDependency configSource="config\ClientDependency.config" />
      <Examine configSource="config\ExamineSettings.config" />
      <ExamineLuceneIndexSets configSource="config\ExamineIndex.config" />
      <log4net configSource="config\log4net.config" />
      <appSettings>
        <!-- 
          Umbraco web.config configuration documentation can be found here: 
          http://our.umbraco.org/documentation/using-umbraco/config-files/#webconfig
          -->
        <add key="umbracoConfigurationStatus" value="7.1.4" />
        <add key="umbracoContentXML" value="~/App_Data/umbraco.config" />
        <add key="umbracoStorageDirectory" value="~/App_Data" />
        <add key="umbracoEnableStat" value="false" />
        <add key="umbracoEditXhtmlMode" value="true" />
        <add key="umbracoVersionCheckPeriod" value="7" />
        <add key="umbracoDisableXsltExtensions" value="true" />
        <add key="umbracoProfileUrl" value="profiler" />
        <add key="umbracoDbDSN" value="DBCONNECTION" />
        <add key="umbracoReservedUrls" value="~/config/splashes/booting.aspx,~/install/default.aspx,~/config/splashes/noNodes.aspx,~/VSEnterpriseHelper.axd" />
        <add key="umbracoReservedPaths" value="~/umbraco,~/install/" />
        <add key="umbracoPath" value="~/umbraco" />
        <add key="umbracoHideTopLevelNodeFromPath" value="true" />
        <add key="umbracoUseDirectoryUrls" value="false" />
        <add key="umbracoTimeOutInMinutes" value="1440" />
        <add key="umbracoDefaultUILanguage" value="en" />
        <add key="umbracoUseSSL" value="false" />
        <add key="umbracoUseMediumTrust" value="false" />
        <add key="umbracoContentXMLUseLocalTemp" value="false" />
        <add key="ValidationSettings:UnobtrusiveValidationMode" value="None" />
        <add key="webpages:Enabled" value="false" />
        <add key="enableSimpleMembership" value="false" />
        <add key="autoFormsAuthentication" value="false" />
        <add key="log4net.Config" value="config\log4net.config" />
        <!-- Websites -->
        <add key="USAWebsiteUrl" value="http://support.company-dev.com" />
        <!-- company Application Settings -->
        <add key="SQLConnectionString" value="DBCONNECTION" />
        <add key="SQLConnectionString_ForceProd" value="DBCONNECTION" />
        <add key="SSL_PathAndFileNames" value="/membership/login.aspx" />
        <!-- Used by company.Framework.Helpers.ActiveDirectory and old company.Web.Members -->
        <add key="ADUsername" value="EU\ADUsername" />
        <add key="ADPassword" value="ADPassword" />
        <add key="ADRolesPath" value="OU=Company.com groups,DC=eu,DC=adedev,DC=company,DC=com" />
        <!-- Global Variables -->
        <add key="ADRole_ActiveMembers" value="EU\Active Members" />
        <add key="AllConfigurationVariablesMustExist" value="false" />
        <add key="DebugMode" value="false" />
        <add key="DebugModeMemberEmailAddress" value="debugger@company.com" />
        <add key="MembershipDomainNamePostFix" value="@eu.adedev.company.com" />
        <!-- URL Variables (full addresses with no ending slash) -->
        <add key="URL_Base" value="http://support.company-dev.com" />
        <!-- Page Variables (relative only) -->
        <add key="Page_ErrorNoPermissions" value="~/Error.aspx?ErrorNumber=999" />
        <add key="Page_SignIn" value="~/membership/login.aspx" />
        <add key="Page_SignOut" value="~/" />
        <!-- Regular Expressions -->
        <add key="RegEx_EmailAddress" value="^([a-zA-Z0-9\'_\-\.]+)@((\[[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.)|(([a-zA-Z0-9\-]+\.)+))([a-zA-Z]{2,4}|[0-9]{1,3})(\]?)$" />
        <add key="RegEx_Password" value="^(?=.*\d)(?=.*[a-zA-Z]).{8,20}$" />
        <add key="RegEx_Password_Login" value="^.{2,20}$" />
        <!-- SMTP Variables (on QA can only send to company.com addresses) -->
        <add key="SMTPEnableSSL" value="False" />
        <add key="SMTPPort" value="25" />
        <add key="SMTPHost" value="server01.is.ad.company.com" />
        <add key="SMTPUserName" value="" />
        <add key="SMTPPassword" value="" />
        <add key="FederationMetadataLocation" value="https://proxyserver-dev.company.com/federationmetadata/2007-06/federationmetadata.xml" />
        <add key="log4net.Config" value="config\log4net.config" />
    
      </appSettings>
      <connectionStrings>
        <remove name="umbracoDbDSN" />
        <remove name="LocalSqlServer" />
        <add name="umbracoDbDSN" connectionString="connectionstring" />
        <!-- Important: If you're upgrading Umbraco, do not clear the connection string / provider name during your web.config merge. -->
        <add name="ADConnectionString_EU" connectionString="LDAP://connection" />
        <add name="ADConnectionString_MASTER" connectionString="LDAP://connection" />
        <add name="LDAPConnectionString" connectionString="LDAP://connection" />
        <add name="LDAPConnectionStringUsers" connectionString="LDAP://connection" />
        <add name="LDAPConnectionStringGroups" connectionString="LDAP://connection" />
        <add name="SQLConnectionString" connectionString="connection" />
        <add name="SurveyConnString" connectionString="connection" />
        <!-- companyMASTER (Dev) -->
        <add name="company_DMZ_SupportConnectionString" connectionString="connection" />
        <add name="companyEntities" connectionString="connection" />
        <add name="companyEntitiesForceProd" connectionString="connection" />
        <add name="LegacyContainer" connectionString="connection" />
        <add name="Container" connectionString="connection" />
      </connectionStrings>
    
    
      <location path="." inheritInChildApplications="false">
        <system.web>
          <authentication mode="None">
          </authentication>
          <authorization>
            <allow users="*" />
          </authorization>
          <compilation defaultLanguage="VB" debug="true" batch="false" targetFramework="4.0">
            <assemblies>
              <add assembly="System.Net.Http, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
              <add assembly="Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
              <add assembly="System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
              <add assembly="System.Data.Entity, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
              <add assembly="System.Data.DataSetExtensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
              <add assembly="System.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
              <add assembly="System.DirectoryServices, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B03F5F7F11D50A3A" />
              <add assembly="System.Transactions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
              <add assembly="System.Web.Abstractions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
              <add assembly="System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
              <add assembly="System.Web.Extensions.Design, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
              <add assembly="System.Xml.Linq, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
            </assemblies>
            <buildProviders>
              <add extension=".cshtml" type="umbraco.MacroEngines.RazorBuildProvider, umbraco.MacroEngines" />
              <add extension=".vbhtml" type="umbraco.MacroEngines.RazorBuildProvider, umbraco.MacroEngines" />
              <add extension=".razor" type="umbraco.MacroEngines.RazorBuildProvider, umbraco.MacroEngines" />
            </buildProviders>
          </compilation>
    
          <customErrors mode="Off" defaultRedirect="~/error.aspx" redirectMode="ResponseRewrite">
            <error statusCode="401" redirect="~/error.aspx?ErrorNumber=401" />
            <error statusCode="403" redirect="~/error.aspx?ErrorNumber=403" />
            <error statusCode="404" redirect="~/error.aspx?ErrorNumber=404" />
            <error statusCode="405" redirect="~/error.aspx?ErrorNumber=405" />
            <error statusCode="406" redirect="~/error.aspx?ErrorNumber=406" />
            <error statusCode="407" redirect="~/error.aspx?ErrorNumber=407" />
            <error statusCode="408" redirect="~/error.aspx?ErrorNumber=408" />
            <error statusCode="409" redirect="~/error.aspx?ErrorNumber=409" />
            <error statusCode="410" redirect="~/error.aspx?ErrorNumber=410" />
            <error statusCode="411" redirect="~/error.aspx?ErrorNumber=411" />
            <error statusCode="412" redirect="~/error.aspx?ErrorNumber=412" />
            <error statusCode="413" redirect="~/error.aspx?ErrorNumber=413" />
            <error statusCode="414" redirect="~/error.aspx?ErrorNumber=414" />
            <error statusCode="415" redirect="~/error.aspx?ErrorNumber=415" />
            <error statusCode="416" redirect="~/error.aspx?ErrorNumber=416" />
            <error statusCode="417" redirect="~/error.aspx?ErrorNumber=417" />
            <error statusCode="418" redirect="~/error.aspx?ErrorNumber=418" />
            <error statusCode="422" redirect="~/error.aspx?ErrorNumber=422" />
            <error statusCode="423" redirect="~/error.aspx?ErrorNumber=423" />
            <error statusCode="424" redirect="~/error.aspx?ErrorNumber=424" />
            <error statusCode="425" redirect="~/error.aspx?ErrorNumber=425" />
            <error statusCode="426" redirect="~/error.aspx?ErrorNumber=426" />
            <error statusCode="449" redirect="~/error.aspx?ErrorNumber=449" />
            <error statusCode="500" redirect="~/error.aspx?ErrorNumber=500" />
            <error statusCode="501" redirect="~/error.aspx?ErrorNumber=501" />
            <error statusCode="502" redirect="~/error.aspx?ErrorNumber=502" />
            <error statusCode="503" redirect="~/error.aspx?ErrorNumber=503" />
            <error statusCode="504" redirect="~/error.aspx?ErrorNumber=504" />
            <error statusCode="505" redirect="~/error.aspx?ErrorNumber=505" />
            <error statusCode="506" redirect="~/error.aspx?ErrorNumber=506" />
            <error statusCode="507" redirect="~/error.aspx?ErrorNumber=507" />
            <error statusCode="509" redirect="~/error.aspx?ErrorNumber=509" />
            <error statusCode="510" redirect="~/error.aspx?ErrorNumber=510" />
          </customErrors>
          <globalization requestEncoding="UTF-8" responseEncoding="UTF-8" culture="en-US" uiCulture="en-US" />
          <httpHandlers>
            <remove verb="*" path="*.asmx" />
            <add verb="*" path="*.asmx" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false" />
            <add verb="*" path="*_AppService.axd" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false" />
            <add verb="GET,HEAD" path="ScriptResource.axd" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" validate="false" />
            <add verb="*" path="umbraco/channels.aspx" type="umbraco.presentation.channels.api, umbraco" />
            <add verb="*" path="DependencyHandler.axd" type="ClientDependency.Core.CompositeFiles.CompositeDependencyHandler, ClientDependency.Core " />
            <add verb="GET,HEAD,POST" path="GoogleSpellChecker.ashx" type="umbraco.presentation.umbraco_client.tinymce3.plugins.spellchecker.GoogleSpellChecker,umbraco" />
            <add path="*" verb="PROPFIND" type="System.Web.DefaultHttpHandler" validate="true" />
            <add path="*" verb="OPTIONS" type="System.Web.DefaultHttpHandler" validate="true" />
            <add path="ChartImg.axd" verb="GET,HEAD,POST" type="System.Web.UI.DataVisualization.Charting.ChartHttpHandler, System.Web.DataVisualization, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" validate="false" />
          </httpHandlers>
          <!--<httpRuntime requestValidationMode="2.0" enableVersionHeader="false" targetFramework="4.5" />-->
          <httpRuntime maxRequestLength="1073741824" requestValidationMode="2.0" requestValidationType="WifRequestValidator.Validator" />
          <!-- Membership Provider -->
          <membership defaultProvider="ADMembershipProvider_EU" userIsOnlineTimeWindow="15">
            <providers>
              <clear />
              <add name="ADMembershipProvider_EU" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="connection" />
              <add name="ADMembershipProvider_MASTER" type="System.Web.Security.ActiveDirectoryMembershipProvider, System.Web, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" connectionStringName="connection" />
              <add name="UmbracoMembershipProvider" type="umbraco.providers.members.UmbracoMembershipProvider" enablePasswordRetrieval="false" enablePasswordReset="false" requiresQuestionAndAnswer="false" defaultMemberTypeAlias="Another Type" passwordFormat="Hashed" />
              <!--<add name="UsersMembershipProvider" type="umbraco.providers.UsersMembershipProvider" enablePasswordRetrieval="false" enablePasswordReset="false" requiresQuestionAndAnswer="false" passwordFormat="Hashed" />-->
            </providers>
          </membership>
          <pages enableEventValidation="false">
            <controls>
              <add tagPrefix="asp" namespace="System.Web.UI" assembly="System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
              <add tagPrefix="asp" namespace="System.Web.UI.WebControls" assembly="System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
              <add tagPrefix="cw" src="~/UserControls/ConversionWorksheet/util/Other.ascx" tagName="Other" />
              <add tagPrefix="cw" src="~/UserControls/ConversionWorksheet/cstics/DynamicDropDown.ascx" tagName="DynamicDropDown" />
              <add tagPrefix="cw" src="~/UserControls/ConversionWorksheet/cstics/DynamicLabel.ascx" tagName="DynamicLabel" />
              <add tagPrefix="cw" src="~/UserControls/ConversionWorksheet/cstics/DynamicTextbox.ascx" tagName="DynamicTextbox" />
              <add tagPrefix="cw" src="~/UserControls/ConversionWorksheet/cstics/DynamicRadioButton.ascx" tagName="DynamicRadioButton" />
              <add tagPrefix="cw" src="~/UserControls/ConversionWorksheet/DynamicCstic.ascx" tagName="DynamicCstic" />
              <add tagPrefix="cw" src="~/UserControls/ConversionWorksheet/ThemeFirmware.ascx" tagName="ThemeFirmware" />
              <add tagPrefix="umbraco" namespace="umbraco.presentation.templateControls" assembly="umbraco" />
            </controls>
          </pages>
          <!-- Role Provider -->
          <roleManager enabled="true" defaultProvider="UmbracoRoleProvider">
            <providers>
              <clear />
              <add name="UmbracoRoleProvider" type="Umbraco.Web.Security.Providers.MembersRoleProvider" />
            </providers>
          </roleManager>
          <!--
          If you are deploying to a cloud environment that has multiple web server instances,
          you should change session state mode from "InProc" to "Custom". In addition,
          change the connection string named "DefaultConnection" to connect to an instance
          of SQL Server (including SQL Azure and SQL  Compact) instead of to SQL Server Express.
          -->
          <!--<sessionState mode="InProc" customProvider="DefaultSessionProvider">
            <providers>
              <add name="DefaultSessionProvider" type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" />
            </providers>
          </sessionState>-->
          <trace enabled="false" requestLimit="10" pageOutput="false" traceMode="SortByTime" localOnly="true" />
          <webServices>
            <protocols>
              <add name="HttpGet" />
              <add name="HttpPost" />
            </protocols>
          </webServices>
          <xhtmlConformance mode="Strict" />
        </system.web>
    
        <system.webServer>
          <handlers accessPolicy="Read, Write, Script, Execute">
            <remove name="WebServiceHandlerFactory-Integrated" />
            <remove name="ScriptHandlerFactory" />
            <remove name="ScriptHandlerFactoryAppServices" />
            <remove name="ScriptResource" />
            <remove name="Channels" />
            <remove name="Channels_Word" />
            <remove name="ClientDependency" />
            <remove name="SpellChecker" />
            <add name="ScriptHandlerFactory" verb="*" path="*.asmx" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
            <add name="ScriptHandlerFactoryAppServices" verb="*" path="*_AppService.axd" preCondition="integratedMode" type="System.Web.Script.Services.ScriptHandlerFactory, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
            <add name="ScriptResource" verb="GET,HEAD" path="ScriptResource.axd" preCondition="integratedMode" type="System.Web.Handlers.ScriptResourceHandler, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
            <add verb="*" name="Channels" preCondition="integratedMode" path="umbraco/channels.aspx" type="umbraco.presentation.channels.api, umbraco" />
            <add verb="*" name="Channels_Word" preCondition="integratedMode" path="umbraco/channels/word.aspx" type="umbraco.presentation.channels.wordApi, umbraco" />
            <add verb="*" name="ClientDependency" preCondition="integratedMode" path="DependencyHandler.axd" type="ClientDependency.Core.CompositeFiles.CompositeDependencyHandler, ClientDependency.Core " />
            <add verb="GET,HEAD,POST" preCondition="integratedMode" name="SpellChecker" path="GoogleSpellChecker.ashx" type="umbraco.presentation.umbraco_client.tinymce3.plugins.spellchecker.GoogleSpellChecker,umbraco" />
            <remove name="ChartImageHandler" />
            <add name="ChartImageHandler" preCondition="integratedMode" verb="GET,HEAD,POST" path="ChartImg.axd" type="System.Web.UI.DataVisualization.Charting.ChartHttpHandler, System.Web.DataVisualization, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
          </handlers>
    
          <modules runAllManagedModulesForAllRequests="true">
            <remove name="ClientDependencyModule" />
            <remove name="UmbracoModule" />
            <remove name="UrlRewriteModule" />
            <remove name="ScriptModule" />
            <remove name="companyFedAuth" />
            <remove name="WSFederationAuthenticationModule" />
            <remove name="SessionAuthenticationModule" />
            <remove name="LegacyContainerHttpModule" />
            <add name="UrlRewriteModule" type="UrlRewritingNet.Web.UrlRewriteModule, UrlRewritingNet.UrlRewriter" />
            <add name="companyFedAuth" type="company.Web.FedAuth.LostSessionModule, company.Web.FedAuth" />
            <add name="WSFederationAuthenticationModule" type="Microsoft.IdentityModel.Web.WSFederationAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler" />
            <add name="SessionAuthenticationModule" type="Microsoft.IdentityModel.Web.SessionAuthenticationModule, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" preCondition="managedHandler" />
            <add name="UmbracoModule" type="Umbraco.Web.UmbracoModule,umbraco" />
            <add name="ScriptModule" preCondition="managedHandler" type="System.Web.Handlers.ScriptModule, System.Web.Extensions, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31BF3856AD364E35" />
            <add name="ClientDependencyModule" type="ClientDependency.Core.Module.ClientDependencyModule, ClientDependency.Core" />
            <add name="LegacyContainerHttpModule" type="company.Web.HttpModules.LegacyContainerHttpModule, company.Web.New" />
          </modules>
    
          <staticContent>
            <mimeMap fileExtension=".woff" mimeType="application/x-font-woff" />
          </staticContent>
          <!-- Ensure the powered by header is not returned -->
          <httpProtocol>
            <customHeaders>
              <remove name="X-Powered-By" />
            </customHeaders>
          </httpProtocol>
          <validation validateIntegratedModeConfiguration="false" />
        </system.webServer>
      </location>
    
      <location path="membership/login.aspx">
        <system.web>
          <authorization>
            <deny users="?" />
          </authorization>
        </system.web>
        <system.webServer>
          <validation validateIntegratedModeConfiguration="false" />
        </system.webServer>
      </location>
    
      <microsoft.identityModel>
        <service>
          <audienceUris>
            <add value="https://support.company-dev.com/" />
          </audienceUris>
          <federatedAuthentication>
            <wsFederation passiveRedirectEnabled="true" issuer="https://proxyserver-dev.company.com/adfs/ls/" realm="https://support.company-dev.com/" requireHttps="false" />
            <cookieHandler requireSsl="false" />
          </federatedAuthentication>
          <applicationService>
            <claimTypeRequired>
              <!--Following are the claims offered by STS 'http://proxyserver-dev.company.com/adfs/services/trust'. Add or uncomment claims that you require by your application and then update the federation metadata of this application.-->
              <claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" optional="true" />
              <claimType type="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" optional="true" />
              <claimType type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" optional="true" />
            </claimTypeRequired>
          </applicationService>
          <issuerNameRegistry type="Microsoft.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35">
            <trustedIssuers>
              <add thumbprint="XXX123BlahThumbprint" name="http://proxyserver-dev.company.com/adfs/services/trust" />
            </trustedIssuers>
          </issuerNameRegistry>
          <certificateValidation certificateValidationMode="None" />
        </service>
      </microsoft.identityModel>
    
      <runtime>
        <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1">
          <!-- Old asp.net ajax assembly bindings -->
          <dependentAssembly>
            <assemblyIdentity name="System.Web.Extensions" publicKeyToken="31bf3856ad364e35" />
            <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="4.0.0.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="System.Web.Extensions.Design" publicKeyToken="31bf3856ad364e35" />
            <bindingRedirect oldVersion="1.0.0.0-1.1.0.0" newVersion="4.0.0.0" />
          </dependentAssembly>
          <!-- Ensure correct version of MVC -->
          <dependentAssembly>
            <assemblyIdentity name="System.Web.Helpers" publicKeyToken="31bf3856ad364e35" />
            <bindingRedirect oldVersion="0.0.0.0-2.0.0.0" newVersion="2.0.0.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="System.Web.Mvc" publicKeyToken="31bf3856ad364e35" />
            <bindingRedirect oldVersion="0.0.0.0-4.0.0.0" newVersion="4.0.0.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="System.Web.WebPages" publicKeyToken="31bf3856ad364e35" />
            <bindingRedirect oldVersion="0.0.0.0-2.0.0.0" newVersion="2.0.0.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="System.Web.WebPages.Razor" publicKeyToken="31bf3856ad364e35" />
            <bindingRedirect oldVersion="0.0.0.0-2.0.0.0" newVersion="2.0.0.0" />
          </dependentAssembly>
          <!-- Ensure correct version of HtmlAgilityPack -->
          <dependentAssembly>
            <assemblyIdentity name="HtmlAgilityPack" publicKeyToken="bd319b19eaf3b43a" culture="neutral" />
            <bindingRedirect oldVersion="1.4.5.0-1.4.6.0" newVersion="1.4.6.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="System.Net.Http" publicKeyToken="b03f5f7f11d50a3a" culture="neutral" />
            <bindingRedirect oldVersion="0.0.0.0-4.0.0.0" newVersion="4.0.0.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="Newtonsoft.Json" publicKeyToken="30ad4fe6b2a6aeed" culture="neutral" />
            <bindingRedirect oldVersion="0.0.0.0-6.0.0.0" newVersion="6.0.0.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="Remotion.Linq" publicKeyToken="fee00910d6e5f53b" culture="neutral" />
            <bindingRedirect oldVersion="0.0.0.0-1.13.183.0" newVersion="1.13.183.0" />
          </dependentAssembly>
          <dependentAssembly>
            <assemblyIdentity name="log4net" publicKeyToken="1b44e1d426115821" />
            <codeBase version="1.2.10.0" href="bin\log4net\1.2\log4net.dll" />
          </dependentAssembly>
        </assemblyBinding>
      </runtime>
    
      <system.codedom>
        <compilers>
          <compiler language="c#;cs;csharp" extension=".cs" type="Microsoft.CSharp.CSharpCodeProvider,System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" warningLevel="4">
            <providerOption name="CompilerVersion" value="v4.0" />
            <providerOption name="WarnAsError" value="false" />
          </compiler>
        </compilers>
      </system.codedom>
    
      <system.net>
        <mailSettings>
          <smtp>
            <network host="mailserver.is.ad.company.com" userName="" password="" port="25" />
          </smtp>
        </mailSettings>
      </system.net>
    
      <system.web.extensions>
        <scripting>
          <scriptResourceHandler enableCompression="true" enableCaching="true" />
          <webServices>
            <jsonSerialization maxJsonLength="5000000" />
          </webServices>
        </scripting>
      </system.web.extensions>
    
    <system.web.webPages.razor>
        <host factoryType="umbraco.MacroEngines.RazorUmbracoFactory, umbraco.MacroEngines" />
        <pages pageBaseType="umbraco.MacroEngines.DynamicNodeContext">
          <namespaces>
            <add namespace="Microsoft.Web.Helpers" />
            <add namespace="umbraco" />
            <add namespace="Examine" />
          </namespaces>
        </pages>
      </system.web.webPages.razor>
    </configuration>

    Here is our umbracoSettings.config:

    <?xml version="1.0" encoding="utf-8" ?>
    <settings>
      <!-- 
        umbracoSettings.config configuration documentation can be found here: 
        http://our.umbraco.org/documentation/using-umbraco/config-files/umbracoSettings/
        Many of the optional settings are not explicitly listed here 
        but can be found in the online documentation.
        -->
      <content>
        <errors>
          <error404>1</error404>
          
            <!--<error404>
                <errorPage culture="default">1</errorPage>
                <errorPage culture="en-US">200</errorPage>
            </error404>
           -->
        </errors>
        <notifications>
          <!-- the email that should be used as from mail when umbraco sends a notification -->
          <email>debugger@company.com</email>
        </notifications>
        <!-- Show property descriptions in editing view "icon|text|none" -->
        <PropertyContextHelpOption>text</PropertyContextHelpOption>
        <!-- The html injected into a (x)html page if Umbraco is running in preview mode -->
        <PreviewBadge><![CDATA[<a id="umbracoPreviewBadge" style="position: absolute; top: 0; right: 0; border: 0; width: 149px; height: 149px; background: url('{1}/preview/previewModeBadge.png') no-repeat;" href="{0}/endPreview.aspx?redir={2}"><span style="display:none;">In Preview Mode - click to end</span></a>]]></PreviewBadge>
        <!-- Cache cycle of Media and Member data fetched from the umbraco.library methods -->
        <!-- In seconds. 0 will disable cache -->
        <UmbracoLibraryCacheDuration>1800</UmbracoLibraryCacheDuration>
        <!-- How Umbraco should handle errors during macro execution. Can be one of the following values:
             - inline - show an inline error within the macro but allow the page to continue rendering. Historial Umbraco behaviour.
             - silent - Silently suppress the error and do not render the offending macro.
             - throw  - Throw an exception which can be caught by the global error handler defined in Application_OnError. If no such
                        error handler is defined then you'll see the Yellow Screen Of Death (YSOD) error page.
             Note the error can also be handled by the umbraco.macro.Error event, where you can log/alarm with your own code and change the behaviour per event. -->
        <MacroErrors>inline</MacroErrors>
        <!-- These file types will not be allowed to be uploaded via the upload control for media and content -->
        <disallowedUploadFiles>ashx,aspx,ascx,config,cshtml,vbhtml,asmx,air,axd</disallowedUploadFiles>
        <!-- Defines the default document type property used when adding properties in the back-office (if missing or empty, defaults to Textstring -->
        <defaultDocumentTypeProperty>Textstring</defaultDocumentTypeProperty>
      </content>
      <security>
        <!-- set to true to auto update login interval (and there by disabling the lock screen -->
        <keepUserLoggedIn>true</keepUserLoggedIn>
        <!-- change in 4.8: Disabled users are now showed dimmed and last in the tree. If you prefer not to display them set this to true -->
        <hideDisabledUsersInBackoffice>false</hideDisabledUsersInBackoffice>
      </security>
      <requestHandler>
        <!-- this will ensure that urls are unique when running with multiple root nodes -->
        <useDomainPrefixes>false</useDomainPrefixes>
        <!-- this will add a trailing slash (/) to urls when in directory url mode -->
        <addTrailingSlash>true</addTrailingSlash>
      </requestHandler>
      <templates>
        <!-- To switch the default rendering engine to MVC, change this value from WebForms to Mvc -->
    <useAspNetMasterPages>true</useAspNetMasterPages>
        <defaultRenderingEngine>WebForms</defaultRenderingEngine>
      </templates>
      
        <!-- this is used by Umbraco to determine if there's valid classes in the /App_Code folder to be used for Rest/XSLT extensions -->
      <developer>
        <appCodeFileExtensions>
          <ext>cs</ext>
          <ext>vb</ext>
        </appCodeFileExtensions>
      </developer>
        <!-- This moves the asp.net viewstate data to the end of the html document instead of having it in the beginning-->
      <viewstateMoverModule enable="false" />
      
      <scheduledTasks>
        <!-- add tasks that should be called with an interval (seconds) -->
        <!--    <task log="true" alias="test60" interval="60" url="http://localhost/umbraco/test.aspx"/>-->
      </scheduledTasks>
      <!-- distributed calls make umbraco use webservices to handle cache refreshing -->
      <distributedCall enable="false">
        <!-- the id of the user who's making the calls -->
        <!-- needed for security, umbraco will automatically look up correct login and passwords -->
        <user>0</user>
        <servers>
          <!-- add ip number or hostname, make sure that it can be reached from all servers -->
          <!-- you can also add optional attributes to force a protocol or port number (see #2) -->
          <!-- <server>127.0.0.1</server>-->
          <!-- <server forceProtocol="http|https" forcePortnumber="80|443">127.0.0.1</server>-->
        </servers>
      </distributedCall>
      <providers>
        <users>
          <!-- if you wish to use your own membershipprovider for authenticating to the umbraco back office -->
          <!-- specify it here (remember to add it to the web.config as well) -->
          <DefaultBackofficeProvider>ADMembershipProvider_MASTER</DefaultBackofficeProvider>
        </users>
      </providers>
      <!-- 
        web.routing
          @trySkipIisCustomErrors
            Tries to skip IIS custom errors.
            Starting with IIS 7.5, this must be set to true for Umbraco 404 pages to show. Else, IIS will take
            over and render its build-in error page. See MS doc for HttpResponseBase.TrySkipIisCustomErrors.
            The default value is false, for backward compatibility reasons, which means that IIS _will_ take
            over, and _prevent_ Umbraco 404 pages to show.
          @internalRedirectPreservesTemplate
            By default as soon as we're not displaying the initial document, we reset the template set by the
            finder or by the alt. template. Set this option to true to preserve the template set by the finder
            or by the alt. template, in case of an internal redirect.
            (false by default, and in fact should remain false unless you know what you're doing)
      -->
      <web.routing
        trySkipIisCustomErrors="false"
        internalRedirectPreservesTemplate="false">
      </web.routing>
    </settings>

    The logger makes it look as though the user has logged in successfully:

    2014-08-19 11:32:54,288 [447] INFO  Umbraco.Web.Security.WebSecurity - [Thread 449] User Id: 3 logged in

    And some cookies are set:

    ASP.NET_SessionId

    fsecru1qiadseatdg3wn2r5d2sfsr1

    support.company-dev.com

    /

    Session

    41

    Recycle

    58c19d1c-435c-492ASDFf-948a-acd524afdadabd0

    support.company-dev.com

    /

    Fri, 19 Aug 2044 17:46:40 GMT

    43

    UMB_UCONTEXT

    71782374ACA54AE9CF1B7C49E4ASDFASDF6639C375FEB395FBBC11F0A444190381848CC5A08954AEA40C62B98334B27895A3A36173BDF3A4E827D389C9BF3C849804366903BF11929364CBD16C1BE01AB48B3D8AB94D7CAC2F30465586078867988BAA926C819AC2D5F37AB574BA285EC489F9D13BE3BFE067E46A843B5A0FB1A0F102EFF2B10FB5086F62DCDBD705982C20FE961D6127163C15D5790A0068BE0161557F3E6BBAAC1B3A0C4BC751E7C8BDF6FB4BCBBE62E17877871ECA417E022AA451B4758E5FD57BAEFF4F7A852E4F7DABD8969E3ECFABD5500510BEFAB10FCE7E7B2AAAB8B06A7464536F3275056B19227C8146BBC0CF347E92CAEAC89F12AFC6AD158558FDA18A36A58BC5BE2FB5E95C3E0CAAA9E95D4833AB395C12E16C78A202E62D061C19C927E66C88CD3330F6AA739336F50A1C2CD5216943BFC135A213BEE7B396201BECA3ADCAFDE6A978583D819C4DF5576A82635F38D29A4960E80250E7FAD80BA43EA204E630B6F4669975BCCB9F6EE704E47EC0AC6048727AA5ED9FDA9ACCBED257256C1772C4FB0A07F458721ADEA51AA862EFD3539E7DDCACA4C053A0F5384CCC118B157ACAA0EA17A65856FBA3F74601252532AD1BA37F56CF28619ADF079A9CC8F756AA8E7652D2D08C4CFD3A694CD36B16E92A854860D491117C4E2C5D3575D9163ACB15924342BB3227F331896920130219DA0121349C6FB2880EAA9CEBE57C69F3DD7392B9C84C0B66A7F4407BD15C86F0754A124DA9990E3676C721A9FD11A6DD62EE71292768604E8BAF9944C49766D49974052665BE065C34630EE6E370CAAB3148023A56EF645905362E41A1999925989F58BCD1A7A8F8BC5C5436611916AA2F09AFFD9E89DB90E63C1DD0BF8DEE6DE28B69A1FB5E87355D

    support.company-dev.com

    /

    Wed, 20 Aug 2014 17:46:42 GMT

    1292

    We are stumped - this worked with umbraco 4.11.10, but it seems as though with all of the client side security now implemented in umbraco - that authentication is maybe not getting passed down to client security code.  Any help will be appreciated.

     

  • Paul Stoker 39 posts 72 karma points c-trib
    Jan 14, 2015 @ 17:10
    Paul Stoker
    0

    Hi James,

    Did you ever fix this? We have the same issue, very frustrating, only happens in our production environment and only in IE.

    The only reason I can see why this happens is that the browser does not seem to set the cookies that are returned from this url:

    http://localhost/umbraco/backoffice/UmbracoApi/Authentication/PostLogin

    Thanks,

    Paul

  • Paul Stoker 39 posts 72 karma points c-trib
    Jan 14, 2015 @ 17:35
    Paul Stoker
    0

    Hi James,

    We just figured out the issue. The reason for the blank screen on IE in our case was that we were using a host name that had an underscore in it so all of the urls were:

    umbraco_v7.local

    It seems that IE would prevent cookies that included the underscore from being set and simply changing the host name to this fixed it:

    umbraco-v7.local

    All I can say is GOD DAMN IE!!!

    Thanks,

Please Sign in or register to post replies

Write your reply to:

Draft