这已经被问过了Here,但我没有被提出,OP也接受了一个对我没有帮助的答案。到目前为止,我已尝试从不同的浏览器登录,更改Web配置,清除cookie以及从外部计算机加载。
事实上,我最终确实发现问题是我自己的机器特有的;当我发布到另一台机器时,它工作正常。有关何处寻找解决方案的建议?我故意使用了我能想到的最简单的测试代码,一个干净的空aspx页面和一个简单的Page_Load函数。
修改:为了澄清,就像原始问题的作者一样,我收到“此消息已被处理”错误。使用Response.Write(response.Exception.ToString());将其打印到屏幕上。我相信这个问题与配置相关,与其他作者不同,因为症状只出现在我的本地盒子上。请注意,症状与我是否在运行代码的同一个盒子上进行测试无关。
protected void Page_Load(object sender, EventArgs e)
{
using (OpenIdRelyingParty openid = new OpenIdRelyingParty())
{
IAuthenticationResponse response = openid.GetResponse();
if (response != null)
{
try
{
Response.Write(response.Exception.ToString());
}
catch (Exception)
{
}
return;
}
}
using (OpenIdRelyingParty openid = new OpenIdRelyingParty())
{
IAuthenticationRequest request = openid.CreateRequest(@"https://www.google.com/accounts/o8/id");
request.RedirectToProvider();
}
}
错误讯息:
DotNetOpenAuth.Messaging.Bindings.ReplayedMessageException:此消息已被处理。这可能表示正在进行重播攻击。位于c:\ TeamCity \ buildAgent \ work \ bf9e2ca68b75a334 \ src \ DotNetOpenAuth \ Messaging \ Bindings \ StandardReplayProtectionBindingElement.cs中的DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement.ProcessIncomingMessage(IProtocolMessage message):DotNetOpenAuth.Messaging.Channel.ProcessIncomingMessage(IProtocolMessage)第129行消息)在c:\ TeamCity \ buildAgent \ work \ bf9e2ca68b75a334 \ src \ DotNetOpenAuth \ Messaging \ Channel.cs:第990行,位于c:\ TeamCity \ buildAgent \ work \中的DotNetOpenAuth.OpenId.ChannelElements.OpenIdChannel.ProcessIncomingMessage(IProtocolMessage消息) bf9e2ca68b75a334 \ src \ DotNetOpenAuth \ OpenId \ ChannelElements \ OpenIdChannel.cs:位于c:\ TeamCity \ buildAgent \ work \ bf9e2ca68b75a334 \ src \ DotNetOpenAuth \ Messaging \ Channel.cs中的DotNetOpenAuth.Messaging.Channel.ReadFromRequest(HttpRequestInfo httpRequest)的第172行:第375行,位于c:\ TeamCity \ buildAgent \ work \ bf9e2ca68b75a334 \ src \ DotN中的DotNetOpenAuth.OpenId.RelyingParty.OpenIdRelyingParty.GetResponse(HttpRequestInfo httpRequestInfo) etOpenAuth \ OpenId \ RelyingParty \ OpenIdRelyingParty.cs:第498行
日志:
2010-02-01 14:19:57,238 (GMT-5) [4] INFO DotNetOpenAuth - DotNetOpenAuth, Version=3.4.0.10015, Culture=neutral, PublicKeyToken=2780ccd10d57b246 (official)
2010-02-01 14:19:57,253 (GMT-5) [4] INFO DotNetOpenAuth - Reporting will use isolated storage with scope: User, Domain, Assembly
2010-02-01 14:19:57,270 (GMT-5) [4] INFO DotNetOpenAuth.Messaging.Channel - Scanning incoming request for messages: http://mymachine/OpenIDGizmo/snort.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fud&openid.response_nonce=[snip4]%3A[snip5]%3A[snip6]&openid.return_to=http%3A%2F%2Fmymachine%2FOpenIDGizmo%2Fsnort.aspx%3Fdnoa.userSuppliedIdentifier%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252Fo8%252Fid&openid.assoc_handle=[snip3]&openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=[snip2]%2F[snip7]%3D&openid.identity=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D[snip1]&openid.claimed_id=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D[snip1]
2010-02-01 14:19:57,272 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Incoming HTTP request: GET http://mymachine/OpenIDGizmo/snort.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fud&openid.response_nonce=[snip4]%3A[snip5]%3A[snip6]&openid.return_to=http%3A%2F%2Fmymachine%2FOpenIDGizmo%2Fsnort.aspx%3Fdnoa.userSuppliedIdentifier%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252Fo8%252Fid&openid.assoc_handle=[snip3]&openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=[snip2]%2F[snip7]%3D&openid.identity=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D[snip1]&openid.claimed_id=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D[snip1]
2010-02-01 14:19:57,360 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Incoming request received: PositiveAssertionResponse
2010-02-01 14:19:57,364 (GMT-5) [4] INFO DotNetOpenAuth.Messaging.Channel - Processing incoming PositiveAssertionResponse (2.0) message:
openid.claimed_id: https://www.google.com/accounts/o8/id?id=[snip1]
openid.identity: https://www.google.com/accounts/o8/id?id=[snip1]
openid.sig: [snip2]/[snip7]=
openid.signed: op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle
openid.assoc_handle: [snip3]
openid.op_endpoint: https://www.google.com/accounts/o8/ud
openid.return_to: http://mymachine/OpenIDGizmo/snort.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid
openid.response_nonce: [snip4]:[snip5]:[snip6]
openid.mode: id_res
openid.ns: http://specs.openid.net/auth/2.0
dnoa.userSuppliedIdentifier: https://www.google.com/accounts/o8/id
2010-02-01 14:19:57,373 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement did not apply to message.
2010-02-01 14:19:57,374 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement did not apply to message.
2010-02-01 14:19:57,376 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Verifying incoming PositiveAssertionResponse message signature of: [snip2]=
2010-02-01 14:19:57,388 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Preparing to send CheckAuthenticationRequest (2.0) message.
2010-02-01 14:19:57,399 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElement did not apply to message.
2010-02-01 14:19:57,399 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions did not apply to message.
2010-02-01 14:19:57,400 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement did not apply to message.
2010-02-01 14:19:57,400 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement did not apply to message.
2010-02-01 14:19:57,401 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement did not apply to message.
2010-02-01 14:19:57,401 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement did not apply to message.
2010-02-01 14:19:57,402 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did not apply to message.
2010-02-01 14:19:57,402 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement did not apply to message.
2010-02-01 14:19:57,403 (GMT-5) [4] INFO DotNetOpenAuth.Messaging.Channel - Prepared outgoing CheckAuthenticationRequest (2.0) message for https://www.google.com/accounts/o8/ud:
openid.return_to: http://mymachine/OpenIDGizmo/snort.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid
openid.mode: check_authentication
openid.ns: http://specs.openid.net/auth/2.0
openid.claimed_id: https://www.google.com/accounts/o8/id?id=[snip1]
openid.identity: https://www.google.com/accounts/o8/id?id=[snip1]
openid.sig: [snip2]=
openid.signed: op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle
openid.assoc_handle: [snip3]
openid.op_endpoint: https://www.google.com/accounts/o8/ud
openid.response_nonce: [snip4]:[snip5]:[snip6]
dnoa.userSuppliedIdentifier: https://www.google.com/accounts/o8/id
2010-02-01 14:19:57,403 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Sending CheckAuthenticationRequest request.
2010-02-01 14:19:57,916 (GMT-5) [4] DEBUG DotNetOpenAuth.Http - HTTP POST https://www.google.com/accounts/o8/ud
2010-02-01 14:19:57,992 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Received CheckAuthenticationResponse response.
2010-02-01 14:19:57,992 (GMT-5) [4] INFO DotNetOpenAuth.Messaging.Channel - Processing incoming CheckAuthenticationResponse (2.0) message:
is_valid: true
ns: http://specs.openid.net/auth/2.0
2010-02-01 14:19:57,993 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement did not apply to message.
2010-02-01 14:19:57,993 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement did not apply to message.
2010-02-01 14:19:57,993 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement did not apply to message.
2010-02-01 14:19:57,993 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did not apply to message.
2010-02-01 14:19:57,994 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement did not apply to message.
2010-02-01 14:19:57,995 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement did not apply to message.
2010-02-01 14:19:57,995 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions did not apply to message.
2010-02-01 14:19:57,997 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElement did not apply to message.
2010-02-01 14:19:57,997 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - After binding element processing, the received CheckAuthenticationResponse (2.0) message is:
is_valid: true
ns: http://specs.openid.net/auth/2.0
2010-02-01 14:19:57,997 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement applied to message.
的web.config:
<?xml version="1.0"?>
<configuration>
<configSections>
<section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
<section name="uri" type="System.Configuration.UriSection,
System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<section name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection"
requirePermission="false" allowLocation="true"/>
</configSections>
<uri>
<idn enabled="All"/>
<iriParsing enabled="true"/>
</uri>
<appSettings/>
<connectionStrings/>
<system.web>
<!--
Set compilation debug="true" to insert debugging
symbols into the compiled page. Because this
affects performance, set this value to true only
during development.
-->
<compilation debug="true" />
<!--
The <authentication> section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
<authentication mode="Windows" />
<!--
The <customErrors> section enables configuration
of what to do if/when an unhandled error occurs
during the execution of a request. Specifically,
it enables developers to configure html error pages
to be displayed in place of a error stack trace.
<customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
<error statusCode="403" redirect="NoAccess.htm" />
<error statusCode="404" redirect="FileNotFound.htm" />
</customErrors>
-->
</system.web>
<dotNetOpenAuth>
<openid maxAuthenticationTime="0:05" cacheDiscovery="true">
<relyingParty>
<security
requireSsl="false"
minimumRequiredOpenIdVersion="V10"
minimumHashBitLength="160"
maximumHashBitLength="256"
requireDirectedIdentity="false"
requireAssociation="false"
rejectUnsolicitedAssertions="false"
rejectDelegatingIdentifiers="false"
ignoreUnsignedExtensions="false"
privateSecretMaximumAge="07:00:00" />
<behaviors>
<!-- <add type="Fully.Qualified.ClassName, Assembly" /> -->
</behaviors>
<store type="Fully.Qualified.ClassName, Assembly" />
</relyingParty>
<provider>
<security
requireSsl="false"
protectDownlevelReplayAttacks="true"
minimumHashBitLength="160"
maximumHashBitLength="512">
<associations>
<add type="HMAC-SHA1" lifetime="14.00:00:00" />
<add type="HMAC-SHA256" lifetime="14.00:00:00" />
</associations>
</security>
<behaviors>
<!-- <add type="Fully.Qualified.ClassName, Assembly" /> -->
</behaviors>
<store type="Fully.Qualified.ClassName, Assembly" />
</provider>
<extensionFactories>
<add type="FullyQualifiedClass.Implementing.IOpenIdExtensionFactory, Assembly" />
</extensionFactories>
</openid>
<messaging clockSkew="00:10:00" lifetime="00:03:00">
<untrustedWebRequest
timeout="00:01:10"
readWriteTimeout="00:00:21.500"
maximumBytesToRead="1048576"
maximumRedirections="10">
<whitelistHosts>
<!-- since this is a sample, and will often be used with localhost -->
<!-- <add name="localhost" /> -->
</whitelistHosts>
<whitelistHostsRegex>
<!-- since this is a sample, and will often be used with localhost -->
<!-- <add name="\.owndomain\.com$" /> -->
</whitelistHostsRegex>
<blacklistHosts>
</blacklistHosts>
<blacklistHostsRegex>
</blacklistHostsRegex>
</untrustedWebRequest>
</messaging>
</dotNetOpenAuth>
<!-- log4net is a 3rd party (free) logger library that dotnetopenid will use if present but does not require. -->
<log4net>
<appender name="RollingFileAppender" type="log4net.Appender.RollingFileAppender">
<file value="c:\\tmp\\toto\\RelyingParty2.log" />
<appendToFile value="true" />
<immediateFlush value="true" />
<rollingStyle value="Size" />
<maxSizeRollBackups value="10" />
<maximumFileSize value="100KB" />
<staticLogFileName value="true" />
<layout type="log4net.Layout.PatternLayout">
<conversionPattern value="%date (GMT%date{%z}) [%thread] %-5level %logger - %message%newline" />
</layout>
</appender>
<appender name="TracePageAppender" type="OpenIdRelyingPartyWebForms.Code.TracePageAppender, OpenIdRelyingPartyWebForms">
<layout type="log4net.Layout.PatternLayout">
<conversionPattern value="%date (GMT%date{%z}) [%thread] %-5level %logger - %message%newline" />
</layout>
</appender>
<!-- Setup the root category, add the appenders and set the default level -->
<root>
<level value="INFO" />
<appender-ref ref="RollingFileAppender" />
<!--<appender-ref ref="TracePageAppender" />-->
</root>
<!-- Specify the level for some specific categories -->
<logger name="DotNetOpenAuth">
<level value="ALL" />
</logger>
</log4net>
</configuration>
答案 0 :(得分:8)
在dotnetopenauth的某些版本中,您还可以获得:
此消息已经存在 处理。这可能表明了 重播攻击正在进行中。
如果你的maxAuthenticationTime值太低(这显然与错误无关 - 但这是一个不同的问题)。我今天就经历过这个。
要增加此值,请编辑配置条目,如https://github.com/DotNetOpenAuth/DotNetOpenAuth/wiki/Configuration所示(我建议设置为0:10)。