1. m_safeCertContext is an invalid handle
I got this issue when try to assign a X509SigningCredentials to the custom STSConfiguration.
this.SigningCredentials = new X509SigningCredentials(cert);
Make sure don’t call cert.Reset() before passing the cert to X509SigningCredentials constructor
2. Keyset does not exist
3. A potentially dangerous Request.Form value was detected from the client (wresult=”<trust:RequestSecuri…”).
Make sure you have this setting in your web.config (under system.web)
Just like all the Service Oriented approaches, metadata is the key, for example, with web services, you just have to build the service (using ASMX file or WCF) it will generate the WSDL file for your service automatically, so the client code can easily consume. We expect the same thing with WIF, unfortunately, we cannot just build a STS and then somehow it exposes the federation metadata for that.
Most of the samples in WIF SDK and the Programming WIF book are showing you how to generate the metadata from a Visual Studio template. But there is almost no documentation on how to create the federation metadata manually (or dynamically), especially when you build a custom STS using MVC (hopefully we will have the template for MVC soon, but still not solving the dynamic issue).
WIF itself does provide APIs for this task, below are some very simple codes (I copy most of them from http://netpl.blogspot.com/2011/08/quest-for-customizing-adfs-sign-in-web.html). I just tried to put thing together and see how to use the WIF metadata API. For a more complete sample, please see the link above.
const string _endpoint = "http://yoursts.com";
static void Main(string args)
string endpointId = _endpoint;
EntityDescriptor entityDescriptor = new EntityDescriptor(
// Signature, I created a certificate using portecle and installed
// it under TrustedPeople/CurrentUser
X509Certificate2 cert =
StoreName.TrustedPeople, StoreLocation.CurrentUser, "CN=HoaSTSCert, C=US");
entityDescriptor.SigningCredentials = new X509SigningCredentials(cert);
SecurityTokenServiceDescriptor roleDescriptor = new SecurityTokenServiceDescriptor();
// required protocols supported
// This section is for key descriptor
SecurityKeyIdentifierClause clause = new X509RawDataKeyIdentifierClause(cert);
SecurityKeyIdentifier ski = new SecurityKeyIdentifier(clause);
KeyDescriptor signingKey = new KeyDescriptor(ski);
signingKey.Use = KeyType.Signing;
// This section is for endpoint
string activeSTSUrl = _endpoint;
EndpointAddress endpointAddress = new EndpointAddress(
// Active endpoint
// Passive endpoint
// Serialize process...
MetadataSerializer serializer = new MetadataSerializer();
//MemoryStream stream = new MemoryStream();
string fileName = @"FederationMetadata.xml";
XmlWriter writer = XmlWriter.Create(fileName);
XmlWriterSettings settings = new XmlWriterSettings();
settings.Indent = true;
That is interesting that my previous post talked about error pages in asp.net and yesterday I got this (see image below) when I tried to access blackberry online shopping site
That is good to know that this website is built using ASP.NET MVC, WCF and a Controller-Service-Repository pattern, so instead of disappointed cause the website crashed, I felt like this is built by some of my “friends”🙂
PS: the good news is it was fixed right after that!
Testing the expected exceptions has been improved a lot by NUnit 2.5, let says you have a scenario that a method checks for the input parameters and throws some ArgumentNullException exceptions, it was kind of cumbersome to cover all those cases in your tests, normally, you will have multiple test methods using ExpectedExceptionAttribute. But with NUnit 2.5.x, we can write something likes
public void AndSpecification_Construction_With_Null_Inputs_Test()
ISpecification<MockEntity> spec = new Moq.Mock<ISpecification<MockEntity>>().Object;
// Passing null for the left specification
Assert.That(() => new AndSpecification<MockEntity>(null, spec),
// Passing null for the right specification
Assert.That(() => new AndSpecification<MockEntity>(spec, null),
One single method can handle multiple cases.
You can find more details information from http://nunit.net/blogs/?p=63
The error below happen on a 64 bits web server that tries to load the crystal reports run-time. If this sounds familiar with you and you already installed the “CRRedist2008_x64.msi”. But it still didn’t work and you starting to get tired with google🙂
You should look into your application pools settings, make sure you set the “Enable 32 bits Applications” to FALSE
This sounds like a very simple question but it turns out to be not quite trivial (at lease for me). Anyways, I found the answer from the internet!
You really shouldn't add the new lines programmatically - because when
you come to localize your application to another language you may want
to have the line breaks in different positions. The best way is to
include the new lines in your actual resources. You can do this in
one of two ways:
1. Open the resx file in the VS designer and use Shift+Enter when you
want want a line break. You will need to resize the row using the
grab bars to make it big enough to see multiple lines.
2. Open the resx file as code and add the line breaks directly in the
The Visual Studio Resource editor really is fairly basic and quite
irritating to use for large amounts of text when localizing so you
could also consider using a tool like our Globalizer.NET that allows
you to see and edit all your resources (for all languages) in a single
easy to edit form (see http://www.infralution.com/globalizer.html).
Globalizer.NET - makes localizing .NET Application easy
Sometime, you just want to quickly serializes an object to string and deserializes from a string to object. Below are the codes
(If you don’t like the generic version of StringToObject, you can pass the object type as an addition parameter)
public static string ObjectToString(object obj)
XmlSerializer serializer = new XmlSerializer(obj.GetType());
using (MemoryStream stream = new MemoryStream())
StreamReader reader = new StreamReader(stream);
stream.Position = 0;
result = reader.ReadToEnd();
public static TEntity StringToObject<tentity>(string stringValue)
XmlSerializer serializer = new XmlSerializer(typeof(TEntity));
using (StringReader reader = new StringReader(stringValue))
result = serializer.Deserialize(reader);