I updated an umbraco site from v7.2.6 to v7.5.14 via NuGet.
The update went fine and the column securityStampToken is added to the umbracoUser table.
All entries inside that table have a NULL value in the securityStampToken column.
Now I went from v7.5.14 to v7.11.1, but I'm unable to login to the back-office when the update wizard is shown. An exception is thrown:
"Message": "An error has occurred.",
"ExceptionMessage": "Value cannot be null.
Parameter name: value",
"ExceptionType": "System.ArgumentNullException",
"StackTrace": " at System.Security.Claims.Claim..ctor(String type, String value, String valueType, String issuer, String originalIssuer, ClaimsIdentity subject, String propertyKey, String propertyValue)
at System.Security.Claims.Claim..ctor(String type, String value, String valueType, String issuer, String originalIssuer, ClaimsIdentity subject)
at Umbraco.Core.Security.UmbracoBackOfficeIdentity.AddUserDataClaims()
at Umbraco.Core.Security.UmbracoBackOfficeIdentity..ctor(ClaimsIdentity claimsIdentity, UserData userdata)
at Umbraco.Core.Security.BackOfficeClaimsIdentityFactory`1.<CreateAsync>d__3.MoveNext()"
//The security stamp claim is also required... this is because this claim type is hard coded
// by the SecurityStampValidator, see: https://katanaproject.codeplex.com/workitem/444
if (HasClaim(x => x.Type == Microsoft.AspNet.Identity.Constants.DefaultSecurityStampClaimType) == false)
AddClaim(new Claim(Microsoft.AspNet.Identity.Constants.DefaultSecurityStampClaimType, SecurityStamp, ClaimValueTypes.String, Issuer, Issuer, this));
So there are 2 possibilities: the securityStampToken is NULL but it shouldn't, or the login needs a securityStampToken while it may be NULL.
legacyEncoding is set to true, like it used to be before upgrading.
Cookies are cleared, also tried incognito mode.
Both migrations are recorded in the database, so they both ran.
I really think it's not possible to upgrade from v7.5 to v7.11, I'm afraid I have to take smaller steps :-(
So now I'm on 7.9.latest and logging in works for my account (which has a securityStampToken set).
All the other Users do not have one yet, because they haven't logged in with v7.7 yet.
Now when I remove the securityStampToken value from my user in the database, I'm unable to log in (same errors as the TS).
This means that I have to enter some random value for each user in the database to make the upgrades work. Seems like a bug to me?
Thanks Stefan for hanging in there, I see now where the error comes from and yes, it should not be necessary to add your own random guid into those columns.
The code you pointed out is exactly where the problem comes from, now we need to figure out how to fix it though. :-)
Upgrading from v7.5 to v7.11 - unable to login
I updated an umbraco site from v7.2.6 to v7.5.14 via NuGet. The update went fine and the column
securityStampTokenis added to theumbracoUsertable. All entries inside that table have a NULL value in thesecurityStampTokencolumn.Now I went from v7.5.14 to v7.11.1, but I'm unable to login to the back-office when the update wizard is shown. An exception is thrown:
I attached the umbraco source and it fails on this line: https://github.com/umbraco/Umbraco-CMS/blob/cbd5071eed98e6ee65506c7347d96239e7ca50af/src/Umbraco.Core/Security/UmbracoBackOfficeIdentity.cs#L230
So there are 2 possibilities: the
securityStampTokenis NULL but it shouldn't, or the login needs asecurityStampTokenwhile it may be NULL.did you change the value for legacyEncoding in the web.config : https://our.umbraco.com/documentation/Getting-Started/Setup/Upgrading/version-specific#version-760
Dave
Here somebody has the same error by the way : https://our.umbraco.com/forum/umbraco-7/using-umbraco-7/72405-error-for-umbraco-admin-login-after-upgrade-to-730
legacyEncodingis set to true, like it used to be before upgrading.Cookies are cleared, also tried incognito mode.
Both migrations are recorded in the database, so they both ran.
I really think it's not possible to upgrade from v7.5 to v7.11, I'm afraid I have to take smaller steps :-(
And here is another post : https://our.umbraco.com/forum/using-umbraco-and-getting-started/92297-cant-login-after-umbraco-upgrade
dave
Just now I upgraded from 7.5 to 7.7, which on sign-in does fill the
securityStampTokencolumn.Now I'll be upgrading to 7.9 and then to 7.11.
So now I'm on 7.9.latest and logging in works for my account (which has a
securityStampTokenset).All the other Users do not have one yet, because they haven't logged in with v7.7 yet.
Now when I remove the
securityStampTokenvalue from my user in the database, I'm unable to log in (same errors as the TS).This means that I have to enter some random value for each user in the database to make the upgrades work. Seems like a bug to me?
Thanks Stefan for hanging in there, I see now where the error comes from and yes, it should not be necessary to add your own random guid into those columns.
The code you pointed out is exactly where the problem comes from, now we need to figure out how to fix it though. :-)
http://issues.umbraco.org/issue/U4-11486
No problem! Looking forward to a fix :-) In the meantime I'll add those random guids.
is working on a reply...