Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Forms authentication machineKey unable to validate data error in custom security extension #252

Closed
TestO2015 opened this issue Nov 9, 2022 · 1 comment
Closed

Forms authentication machineKey unable to validate data error in custom security extension #252

TestO2015 opened this issue Nov 9, 2022 · 1 comment

Comments

@TestO2015
Copy link

TestO2015 commented Nov 9, 2022
edited
Loading

I have followed the guides here to setup a custom security extension. So far the login and ReportServer are working however the Report portal https://localhost/reports has a 500 error. From the logs:

Exception: System.Web.HttpException (0x80004005): Unable to validate data. at System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, Boolean useValidationSymAlgo, Boolean useLegacyMode, IVType ivType, Boolean signData) at System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket) at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.CreateRequestContextFromCookie(IOwinContext context) at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.CreatePortalIdentity(IOwinContext context) at Microsoft.BIServer.Owin.Common.Middleware.CustomAuthenticationMiddleware.Invoke(IOwinContext context) at Microsoft.Owin.Security.Infrastructure.AuthenticationMiddleware``1.<Invoke>d__0.MoveNext() --- End of stack trace from previous location where exception was thrown --- at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw() at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Microsoft.BIServer.Owin.Common.Middleware.RequestLoggingMiddleWare.<Invoke>d__2.MoveNext() | RequestID = s_562e4f17-7d98-45e0-b744-02509f01e0d8

Apparently it's having trouble with the machineKey used for encryption.

I have included the machineKey in:

  • web.config
  • rsReportServer.config
  • rsPortal.config

<machineKey validationKey="33A11FDECC5CB917123E44C5BDAF1859942D5FD0D80E1CA3FF2F32576F391556" decryptionKey="1581FF2A206D1A3C283442C84EF2EBD333AE0B27BC85C502E1A771058539C4B1" validation="AES" decryption="AES" />

#121
Note: I don't mean to duplicate issue 121 which looks the same, it's just that none of the solutions posted there have worked for me.

I've tried many solutions aimed at addressing the machineKey error. Now I found the code for MachineKeySection.cs from Microsoft and it seems the "Unable_To_Validate_Data" error could be masking something else gone wrong.

// It's important that we don't propagate the original exception here as we don't want a production
// server which has unintentionally left YSODs enabled to leak cryptographic information.
            throw new HttpException(SR.GetString(SR.Unable_to_validate_data));

Any suggestions as to what I could be missing?
@TestO2015
Copy link
Author

I found the issue. The Forms Authentication ticket had never been encrypted when it was created on the ReportServer app and so failed while trying to decrypt it on the ReportPortal app.

To fix this I enabled <forms ... protection="All"> on the ReportServer web.config file.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@TestO2015