I have a provider hosted app (a normal asp.net web forms application) deployed on a typical web server IIS 7.5.
While launching the app from SharePoint Site in Office 365 Multi Tenant, it's throwing the below issue on App launch.
On capturing details using Fiddler, found the following when the app is launched
SPAppToken=&SPSiteUrl=https%3A%2F%2Fabc.sharepoint.com%2Fsites%2Fspdev%2Famsdev%2Famitamsdev&SPSiteTitle=amitamsdev&SPSiteLogoUrl=%2Fsites%2Fspdev%2FSiteAssets%2Flogo.gif&SPSiteLanguage=en-US&SPSiteCulture=en-US&SPRedirectMessage=EndpointAuthorityMatches&SPCorrelationId=31477a9c-2902-204a-8393-67eced1a10b8&SPErrorCorrelationId=31477a9c-2902-204a-8393-67eced1a10b8&
SPErrorInfo=The+requested+operation+requires+an+HTTPS+%28SSL%29+channel.++Ensure+that+the+target+endpoint+address+supports+SSL+and+try+again.++Target+endpoint+address
The SPErrorInfo Part is interesting. I am unable to confirm whether we really need the remote site to be configured for https?
Additional Information - Identity Provider is ACS and it is a low trust app.
Can someone suggest?
Regards,
Nitin Rastogi
In a production environment, you should always be using HTTPS. If you don't, you're exposing yourself (and your organization) to many risks.
If this is your development environment and you are confident this isn't an issue, you may want to look at the accepted answer to this question on the MSDN forums, which mentions the same error message. Their solution to bypass the HTTPS checking:
$c = Get-SPSecurityTokenServiceConfig
$c.AllowMetadataOverHttp = $true
$c.AllowOAuthOverHttp=$true
$c.Update()
When packaging the SharePoint App from Visual Studio, you must ensure that the URL you use is using HTTPS:
In IIS, add an HTTPS binding to the site to achieve this. You would have to reupload the App to SharePoint after packaging it with the new HTTPS URL.
More information here.
Related
We developed a web application using sharepoint 2013. We used rdlc reports for reports. I configured these reports in lower environments, it's working as expected. But when I deployed the code in production environment it's not working. I am getting Asp.net session is expired or could not be found. FYI, in prod we have load balancers with two server nodes and session state as inproc
Maybe your problem is the forms authentication name attribute.
The name attribute make different applications use the same authentication in asp.net ecosystem.
It's in Portuguese, but the example can help you: https://www.rcelebrone.com/2017/09/forms-authentication-nao-mentem.html?m=1
I have one Django App. I want to get this app on World Wide Web.
Can anyone please help me with steps.
Like Some server addition(e.g. Apache or Nginx),Configuration of server,Integrating with Django,Web Hosting,etc.
Thanks
This at this link you will find a tutorial that helps you to deploy your app with NGINX
http://uwsgi-docs.readthedocs.io/en/latest/tutorials/Django_and_nginx.html
simple and fast
In regards to hosting, you will have to get a domain name (unless you want to connect to your web page via IP address).
If you want to host your own web page from your server you will also have to set up your router to forward traffic to your server's IP. Having a static IP from your internet provider is preferable and also set your machine to have a static IP so you don't have problems with routing.
If you don't want the hassle of setting up a server environment all by yourself, you can also choose a PaaS provider like Heroku which supports Django applications out of the box. Hosting will cost more, but you will save time deploying your apps.
I am having a problem when setting up ADFS in a web application which have hosted name site collections. Although I put ADFS authentication in a different zone, but in my hosted site name collections, I still can search for ADFS accounts. Please refer to the detailed info below:
My situation is:
I have a web application which have 2 hosted name site collections. It is using NTML authentication in Default Zone.
In order to use ADFS, I extended the web application to Internet Zone
However, during the extending web application, I think the SercurityTokenServiceApplication got some problems. I had to restart application pool of the SecurityTokenServiceApplication. After that I continued to configure ADFS in sharepoint.
Then my problem is:
The login via ADFS works perfectly. However, I have got a problem with the people picker of the hosted name site collections. When I opened the people picker to check permission, I tried to enter an account and the people picker showed both results from ActiveDirectory and ADFS. This problem now is in production farm, but it did not happen in my staging farm. I think it is because the SecurityTokenServiceApplication was not down at the time I set up in the stating environment.
I tried to reproduce the problem in my testing environment by stopping the SecurityTokenServiceApplication during extending web application step, then I got the same problem in the production.
However, the path-based site collections in the web application do not have this problem. Every hosted name site collection have issue.
I even tried to delete the web application and recreate again but the problem still exists.
From my understanding, if I set up that way, only site collections from Internet zone can retrieve users from ADFS. However, I do not know how to resolve the above problem. If there is any one experienced the same problem, please kindly advise.
Thanks a lot.
I have a site running via Visual Studio (i.e. at http://localhost:1234)
I need to access this site from test web server(windows/IIS).
I can ping from the web server to my machine name.
Just wondering what I need to do to test this? to browse the site from the web server?
Thanks
I usually just do a quick Publish and set up a web site application in IIS to point to the published location. I am interested to know if there is another way though.
There is a web service application hosted On IIS 7.5. Authentication mode is Windows. When calling web services through my application, useDefaultCredentials atttribute on web service client is false. So web service call made on behaf of anonymous user. And also anonymous authentication mode enabled on IIS for the web service application.
To call web services successfully, I have to give read permission to everyone on folder which the web service application resides. But this causes to folder can be reached and read from everyone.
How can I hide the folder to be seen by everyone in this case?
If I am not successful to describe the issue, I can give you detailed explanations of specific points you want to understand.
I found the solution. I granted read permission for the built-in IUSR account and removed read permission for the everyone. So in this way, anyone on the domain cannot read the folder contents anymore.