Feedback
 
Did this article resolve your question/issue?

   

Your feedback is appreciated.

Please tell us how we can make this article more useful. Please provide us a way to contact you, should we need clarification on the feedback provided or if you need further assistance.

Characters Remaining: 1025

 


Article

Missing configuration for the requesting relying party

« Go Back

Information

 
Article Number000074033
EnvironmentProduct: Sitefinity
Version: 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, 11.x, 12.x
OS: All supported OS versions
Database: All supported Microsoft SQL Server versions
Question/Problem Description
When trying to login with an LDAP user, if the user is valid, the screen is blank and in the developer tools console, there is a 500 error.
Some users are having problems logging to the backend of Sitefinity and receive a YSOD error.
After switching to the New content editing experience, there is a problem with logging in. An error is received in the browser's console.
 
Steps to Reproduce
Clarifying Information
Error MessageException: Missing configuration for the requesting relying party "http://mysite.com" (address of the site)

Stack Trace: 
[ConfigurationException: Missing configuration for the requesting relying party Telerik.Sitefinity.Security.Claims.SWT.SWTIssuer.GetScope(IClaimsPrincipal principal, RequestSecurityToken request) +534 Microsoft.IdentityModel.SecurityTokenService.SecurityTokenService.Issue(IClaimsPrincipal principal, RequestSecurityToken request) +89 Telerik.Sitefinity.Security.Claims.ClaimsResolver.BuildSimpleWebToken(IClaimsPrincipal principal, String realm) +315 Telerik.Sitefinity.Security.Claims.SecurityTokenServiceHttpHandler.SendSimpleWebToken(HttpContextBase context, User user, RequestMessage reqMessage) +154 Telerik.Sitefinity.Security.Claims.SecurityTokenServiceHttpHandler.SendToken(HttpContextBase context, User user, RequestMessage reqMessage, String format) +160 Telerik.Sitefinity.Security.Claims.SecurityTokenServiceHttpHandler.ProcessRequest(HttpContextBase context) +1231 System.Web.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +508 
Defect/Enhancement Number
Cause
Resolution
If the authentication should work with the above domain, add the domain from the error message as a security issuer and relying party in the SecurityConfig file.

1. Go to Administration -> Settings -> Advanced, in the tree view on the left, click Security -> RelyingParties -> http://localhost.
2. Copy and save the content of fields Key, Encoding, and MembershipProvider.
3. In the tree view, click again RelyingParties.
4. For the address of the website from the exception, create a new relying party by performing the following:
   a. Click Create new button.
   b. In Realm input field, enter the domain. For example, http://mysite.com
   c. In Key, Encoding, and MembershipProvider input fields, enter the values copied from localhost.
   d. Click Save changes.
5. Restart the application.

The settings can also be applied from the SecurityConfig directly (App_Data -> Sitefinity -> Configuration).

1. Add a new record in the relying parties (use your key and encoding):
<relyingParties>
<add key="C69A6DA6E3546420AA6E86224E5A48B7F9101F8495B1077D5133AF3CFDCA461C" encoding="Hexadecimal" realm="http://localhost" />
<add key="C69A6DA6E3546420AA6E86224E5A48B7F9101F8495B1077D5133AF3CFDCA461C" encoding="Hexadecimal" realm="http://mysite.com" />

2. Save the config and restart.

In addition to this, open the web.config file and find the below entry:

<wsFederation passiveRedirectEnabled="true" issuer="http://localhost" realm="http://yourdomain.com" requireHttps="false" />
and make sure that the realm attribute is set to localhost as shown below:

<wsFederation passiveRedirectEnabled="true" issuer="http://localhost" realm="http://localhost" requireHttps="false" />
The above configurations are used to initialize the authentication module and "http://localhost" value is used as a placeholder that will be changed runtime to reflect the host (and port) where the site runs.

Do NOT change the realm if configured explicitly in Load Balancing scenarios.

If the issue persists, it is caused by the following bug, which has been resolved in Sitefinity version 9.0.6001.0:
http://feedback.telerik.com/Project/153/Feedback/Details/190911-missing-configuration-for-the-requesting-relying-party-with-login-status-control
For information on how to upgrade, check the following Progress Article: 000076924, How to update Sitefinity to hotfix, internal build or a patch
Workaround
Notes
Attachment 
Last Modified Date7/15/2019 10:18 AM