个人中心
文章发布
退出
作者热门文章
- c - 在位数组中找到第一个零
- linux - Unix 显示有关匹配两种模式之一的文件的信息
- 正则表达式替换多个文件
- linux - 隐藏来自 xtrace 的命令
28
4
这个已经有人问了Here ,但不是我和 OP 接受了一个对我没有帮助的答案。到目前为止,我尝试过从不同的浏览器登录、更改网络配置、清除 cookie 以及从外部计算机加载。
事实上,我最终确实发现问题出在我自己的机器上;当我发布到另一台机器时,它工作正常。关于在哪里寻找解决方案的任何建议?我特意使用了我能想到的最简单的测试代码,一个干净的空 aspx 页面和一个简单的 Page_Load 函数。
编辑:为了澄清,就像原始问题的作者一样,我收到“此消息已被处理”错误。这是用 Response.Write(response.Exception.ToString()); 打印到屏幕上的。我认为问题与配置相关,与其他作者不同,因为症状只出现在我的本地盒子上。请注意,症状与我是否在运行代码的同一个盒子上进行测试无关。
protected void Page_Load(object sender, EventArgs e)
{
using (OpenIdRelyingParty openid = new OpenIdRelyingParty())
{
IAuthenticationResponse response = openid.GetResponse();
if (response != null)
{
try
{
Response.Write(response.Exception.ToString());
}
catch (Exception)
{
}
return;
}
}
using (OpenIdRelyingParty openid = new OpenIdRelyingParty())
{
IAuthenticationRequest request = openid.CreateRequest(@"https://www.google.com/accounts/o8/id");
request.RedirectToProvider();
}
}
错误信息:
DotNetOpenAuth.Messaging.Bindings.ReplayedMessageException:此消息已被处理。这可能表明正在进行重放攻击。在 DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement.ProcessIncomingMessage(IProtocolMessage 消息)在 c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\Messaging\Bindings\StandardReplayProtectionBindingElement.cs:第 129 行在 DotNetOpenAuth.MessagingProcessing.MessagingProcess消息)在 c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\Messaging\Channel.cs: 990 行在 DotNetOpenAuth.OpenId.ChannelElements.OpenIdChannel.ProcessIncomingMessage(IProtocolMessage 消息)在 c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuth\OpenId\ChannelElements\OpenIdChannel.cs: 第 172 行在 DotNetOpenAuth.Messaging.Channel.ReadFromRequest(HttpRequestInfo httpRequest) 在 c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotNetOpenAuthC\Mes位于 DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.GetResponse(HttpRequestInfo httpRequestInfo) 的第 375 行,位于 c:\TeamCity\buildAgent\work\bf9e2ca68b75a334\src\DotN etOpenAuth\OpenId\RelyingParty\OpenIdRelyingParty.cs:第 498 行
日志:
2010-02-01 14:19:57,238 (GMT-5) [4] INFO DotNetOpenAuth - DotNetOpenAuth, Version=3.4.0.10015, Culture=neutral, PublicKeyToken=2780ccd10d57b246 (official)
2010-02-01 14:19:57,253 (GMT-5) [4] INFO DotNetOpenAuth - Reporting will use isolated storage with scope: User, Domain, Assembly
2010-02-01 14:19:57,270 (GMT-5) [4] INFO DotNetOpenAuth.Messaging.Channel - Scanning incoming request for messages: http://mymachine/OpenIDGizmo/snort.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fud&openid.response_nonce=[snip4]%3A[snip5]%3A[snip6]&openid.return_to=http%3A%2F%2Fmymachine%2FOpenIDGizmo%2Fsnort.aspx%3Fdnoa.userSuppliedIdentifier%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252Fo8%252Fid&openid.assoc_handle=[snip3]&openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=[snip2]%2F[snip7]%3D&openid.identity=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D[snip1]&openid.claimed_id=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D[snip1]
2010-02-01 14:19:57,272 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Incoming HTTP request: GET http://mymachine/OpenIDGizmo/snort.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fud&openid.response_nonce=[snip4]%3A[snip5]%3A[snip6]&openid.return_to=http%3A%2F%2Fmymachine%2FOpenIDGizmo%2Fsnort.aspx%3Fdnoa.userSuppliedIdentifier%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252Fo8%252Fid&openid.assoc_handle=[snip3]&openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=[snip2]%2F[snip7]%3D&openid.identity=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D[snip1]&openid.claimed_id=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D[snip1]
2010-02-01 14:19:57,360 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Incoming request received: PositiveAssertionResponse
2010-02-01 14:19:57,364 (GMT-5) [4] INFO DotNetOpenAuth.Messaging.Channel - Processing incoming PositiveAssertionResponse (2.0) message:
openid.claimed_id: https://www.google.com/accounts/o8/id?id=[snip1]
openid.identity: https://www.google.com/accounts/o8/id?id=[snip1]
openid.sig: [snip2]/[snip7]=
openid.signed: op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle
openid.assoc_handle: [snip3]
openid.op_endpoint: https://www.google.com/accounts/o8/ud
openid.return_to: http://mymachine/OpenIDGizmo/snort.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid
openid.response_nonce: [snip4]:[snip5]:[snip6]
openid.mode: id_res
openid.ns: http://specs.openid.net/auth/2.0
dnoa.userSuppliedIdentifier: https://www.google.com/accounts/o8/id
2010-02-01 14:19:57,373 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement did not apply to message.
2010-02-01 14:19:57,374 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement did not apply to message.
2010-02-01 14:19:57,376 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Verifying incoming PositiveAssertionResponse message signature of: [snip2]=
2010-02-01 14:19:57,388 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Preparing to send CheckAuthenticationRequest (2.0) message.
2010-02-01 14:19:57,399 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElement did not apply to message.
2010-02-01 14:19:57,399 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions did not apply to message.
2010-02-01 14:19:57,400 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement did not apply to message.
2010-02-01 14:19:57,400 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement did not apply to message.
2010-02-01 14:19:57,401 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement did not apply to message.
2010-02-01 14:19:57,401 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement did not apply to message.
2010-02-01 14:19:57,402 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did not apply to message.
2010-02-01 14:19:57,402 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement did not apply to message.
2010-02-01 14:19:57,403 (GMT-5) [4] INFO DotNetOpenAuth.Messaging.Channel - Prepared outgoing CheckAuthenticationRequest (2.0) message for https://www.google.com/accounts/o8/ud:
openid.return_to: http://mymachine/OpenIDGizmo/snort.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid
openid.mode: check_authentication
openid.ns: http://specs.openid.net/auth/2.0
openid.claimed_id: https://www.google.com/accounts/o8/id?id=[snip1]
openid.identity: https://www.google.com/accounts/o8/id?id=[snip1]
openid.sig: [snip2]=
openid.signed: op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle
openid.assoc_handle: [snip3]
openid.op_endpoint: https://www.google.com/accounts/o8/ud
openid.response_nonce: [snip4]:[snip5]:[snip6]
dnoa.userSuppliedIdentifier: https://www.google.com/accounts/o8/id
2010-02-01 14:19:57,403 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Sending CheckAuthenticationRequest request.
2010-02-01 14:19:57,916 (GMT-5) [4] DEBUG DotNetOpenAuth.Http - HTTP POST https://www.google.com/accounts/o8/ud
2010-02-01 14:19:57,992 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Received CheckAuthenticationResponse response.
2010-02-01 14:19:57,992 (GMT-5) [4] INFO DotNetOpenAuth.Messaging.Channel - Processing incoming CheckAuthenticationResponse (2.0) message:
is_valid: true
ns: http://specs.openid.net/auth/2.0
2010-02-01 14:19:57,993 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement did not apply to message.
2010-02-01 14:19:57,993 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement did not apply to message.
2010-02-01 14:19:57,993 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement did not apply to message.
2010-02-01 14:19:57,993 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did not apply to message.
2010-02-01 14:19:57,994 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement did not apply to message.
2010-02-01 14:19:57,995 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement did not apply to message.
2010-02-01 14:19:57,995 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions did not apply to message.
2010-02-01 14:19:57,997 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElement did not apply to message.
2010-02-01 14:19:57,997 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - After binding element processing, the received CheckAuthenticationResponse (2.0) message is:
is_valid: true
ns: http://specs.openid.net/auth/2.0
2010-02-01 14:19:57,997 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement applied to message.
网络配置:
<?xml version="1.0"?>
<configuration>
<configSections>
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
<section name="uri" type="System.Configuration.UriSection,
System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<section name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection"
requirePermission="false" allowLocation="true"/>
</configSections>
<uri>
<idn enabled="All"/>
<iriParsing enabled="true"/>
</uri>
<appSettings/>
<connectionStrings/>
<system.web>
<!--
Set compilation debug="true" to insert debugging
symbols into the compiled page. Because this
affects performance, set this value to true only
during development.
-->
<compilation debug="true" />
<!--
The <authentication> section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
<authentication mode="Windows" />
<!--
The <customErrors> section enables configuration
of what to do if/when an unhandled error occurs
during the execution of a request. Specifically,
it enables developers to configure html error pages
to be displayed in place of a error stack trace.
<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->
</system.web>
<dotNetOpenAuth>
<openid maxAuthenticationTime="0:05" cacheDiscovery="true">
<relyingParty>
<security
requireSsl="false"
minimumRequiredOpenIdVersion="V10"
minimumHashBitLength="160"
maximumHashBitLength="256"
requireDirectedIdentity="false"
requireAssociation="false"
rejectUnsolicitedAssertions="false"
rejectDelegatingIdentifiers="false"
ignoreUnsignedExtensions="false"
privateSecretMaximumAge="07:00:00" />
<behaviors>
<!-- <add type="Fully.Qualified.ClassName, Assembly" /> -->
</behaviors>
<store type="Fully.Qualified.ClassName, Assembly" />
</relyingParty>
<provider>
<security
requireSsl="false"
protectDownlevelReplayAttacks="true"
minimumHashBitLength="160"
maximumHashBitLength="512">
<associations>
<add type="HMAC-SHA1" lifetime="14.00:00:00" />
<add type="HMAC-SHA256" lifetime="14.00:00:00" />
</associations>
</security>
<behaviors>
<!-- <add type="Fully.Qualified.ClassName, Assembly" /> -->
</behaviors>
<store type="Fully.Qualified.ClassName, Assembly" />
</provider>
<extensionFactories>
<add type="FullyQualifiedClass.Implementing.IOpenIdExtensionFactory, Assembly" />
</extensionFactories>
</openid>
<messaging clockSkew="00:10:00" lifetime="00:03:00">
<untrustedWebRequest
timeout="00:01:10"
readWriteTimeout="00:00:21.500"
maximumBytesToRead="1048576"
maximumRedirections="10">
<whitelistHosts>
<!-- since this is a sample, and will often be used with localhost -->
<!-- <add name="localhost" /> -->
</whitelistHosts>
<whitelistHostsRegex>
<!-- since this is a sample, and will often be used with localhost -->
<!-- <add name="\.owndomain\.com$" /> -->
</whitelistHostsRegex>
<blacklistHosts>
</blacklistHosts>
<blacklistHostsRegex>
</blacklistHostsRegex>
</untrustedWebRequest>
</messaging>
</dotNetOpenAuth>
<!-- log4net is a 3rd party (free) logger library that dotnetopenid will use if present but does not require. -->
<log4net>
<appender name="RollingFileAppender" type="log4net.Appender.RollingFileAppender">
<file value="c:\\tmp\\toto\\RelyingParty2.log" />
<appendToFile value="true" />
<immediateFlush value="true" />
<rollingStyle value="Size" />
<maxSizeRollBackups value="10" />
<maximumFileSize value="100KB" />
<staticLogFileName value="true" />
<layout type="log4net.Layout.PatternLayout">
<conversionPattern value="%date (GMT%date{%z}) [%thread] %-5level %logger - %message%newline" />
</layout>
</appender>
<appender name="TracePageAppender" type="OpenIdRelyingPartyWebForms.Code.TracePageAppender, OpenIdRelyingPartyWebForms">
<layout type="log4net.Layout.PatternLayout">
<conversionPattern value="%date (GMT%date{%z}) [%thread] %-5level %logger - %message%newline" />
</layout>
</appender>
<!-- Setup the root category, add the appenders and set the default level -->
<root>
<level value="INFO" />
<appender-ref ref="RollingFileAppender" />
<!--<appender-ref ref="TracePageAppender" />-->
</root>
<!-- Specify the level for some specific categories -->
<logger name="DotNetOpenAuth">
<level value="ALL" />
</logger>
</log4net>
</configuration>
最佳答案
在某些版本的 dotnetopenauth 中,您还可以获得:
This message has already been processed. This could indicate a replay attack in progress.
如果您的 maxAuthenticationTime 值太低(这显然与错误无关 - 但这是一个不同的问题)。我今天刚经历过。
要增加此值,请编辑配置条目,如 https://github.com/DotNetOpenAuth/DotNetOpenAuth/wiki/Configuration 所示(我建议设置为 0:10)。
关于c# - DotNetOpenId — “This message has already been processed” 错误(第 2 部分),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/2165525/
28
4
0
我在使用 io-ts 时遇到一些问题。我发现它确实缺乏文档,我取得的大部分进展都是通过 GitHub issues 取得的。不,我不明白 HKT,所以没有帮助。 基本上,我在其他地方创建一个类型,ty
我必须创建一个正则表达式来搜索整个文件,以找到与 Java XML 解析器的第一部分(但不是第二部分)的匹配项。这将用于防止某些 XXE 攻击。不幸的是,它确实必须是单个正则表达式,并且它确实需要搜索
我有一些简单的 Shared/_Header.cshtml 文件中的内容。 My Shared/_Layout.cshtml 通过调用插入该代码 @Html.Partial("_Header") 目前
我有一个 if-else 语句,其中: 条件 1:ID 匹配并且自动填充某些字段。然后 if 语句只填充其余字段 条件 2:ID 不匹配,所有字段均为空白。 ELSE 语句将它们全部填充 当我使条件
我正在开发一个单页滚动网站。我正在尝试实现 ScrollMagic 并固定第一部分,以便网站的其余部分滚动到固定部分的顶部。我尝试创建一个 jsfiddle 来显示问题,但我似乎无法让 jsfiddl
这是我的情况: 我想使用 Google AdWords 的转换脚本,但出于某种原因,他们代码段的 javascript 部分在我的页面上添加了一些我似乎无法摆脱的不需要的空白。 所以我正在查看的选项纯
寻找一种优雅的方式在页面上添加一次脚本,就是这样。 我有一个需要 2 个 CSS 文件和 2 个 JS 文件的部分 View 。在大多数地方,只需要其中 1 个部分 View 。但在单个页面上,我需要
我想要一个网站,该网站始终具有相同的部分,具有相同的 id 以及我想要显示的所有内容。我对 javascript 不太了解,我想知道如何删除除特定部分之外的所有内容。 最好的方法是否是只执行一个循环来
SQL 语句教程 (11) Group By 我们现在回到函数上。记得我们用 SUM 这个指令来算出所有的 Sales (营业额)吧!如果我们的需求变成是要算出每一间店 (store_name)
我试图理解部分并认为我已经明白了。基本上,这是一种将部分应用程序应用于二元运算符的方法。所以我了解所有(2*) , (+1)等例子就好了。 但是在 O'Reilly Real World Haskel
有没有办法禁止在部分中覆盖给定的关键字参数?假设我要创建函数 bar总是有 a设置为 1 .在以下代码中: from functools import partial def foo(a, b):
我有这个使用节的 OpenMP 代码 #pragma omp parallel sections num_threads(8) { printf_s("Allo fro
我正在尝试重新创建 Apple 制作的有缺陷的 CNContactPickerViewController,因此我有一个数据数组 [CNContact],我需要将其整齐地显示在 UITableView
我有一个相对布局,其中包含一些 float 在 GridView 上的 TextView 。当我在网格中选择一个项目时,布局向下移动到屏幕的尽头,只有大约 1/5 的部分是可见的。这是使用简单的翻译动
我想在我的 tableView 中有两个部分。我希望将项目添加到第 0 节,然后能够选择一行以将其从第 0 节移动到第 1 节。到目前为止,我已将这些项目添加到第 0 节,但是当它关闭时数据不会加
我正在以自由职业者的身份开发支付控制软件,但我有一些关于 mysql 的问题。 。我有一个用作日志的表,名为“Bitacora”。在表中,我有一个名为 idCliente 的列,它是自己表中一个人的
我有一个 PFQueryTableViewController,我想向 tableview 添加部分,我这样尝试: - (PFQuery *)queryForTable { PFQuery *qu
我正在尝试编写一个查询,将部分匹配项与存储的名称值进行匹配。 我的数据库如下所示 Blockquote FirstName | Middle Name | Surname --------------
我正在开发一个语音备忘录应用程序,并且正在将文件保存到表格 View 中。我希望默认文件名显示为“新文件 1”,如果使用“新文件 1”,则它会显示为“新文件 2”,依此类推。 我正在尝试使用 do-w
我有以下简单的 HTML 布局 .section1 { background: red; } .section2 { background: green; } .section3 { ba
我是一名优秀的程序员,十分优秀!