Server Error in '/' Application.

If you have questions about using mojoPortal, you can post them here.

You may want to first review our site administration documentation to see if your question is answered there.

This thread is closed to new posts. You must sign in to post in the forums.
10/4/2010 5:43:18 AM
MartinGer
Gravatar
Total Posts 10
View Posts

Server Error in '/' Application.

 

Hi,

I discovered a strange behavior today after I rebooted the computer. I loaded mojo start page and after signing in I got this error. But this happens only on Firefox, IE 8 is still working like normal. The stack trace tells me that it has something to do with the security cookie. May be it's defect. But nevertheless this should not lead to an application error in my opinion.

Or is it my fault (configuration mismatch or something else)? Who can explain this?

Thanks,
Martin

 

Server Error in '/' Application.

Unable to validate data.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.Web.HttpException: Unable to validate data.

Source Error:

An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.

Stack Trace:

				[HttpException (0x80004005): Unable to validate data.]
   System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, IVType ivType, Boolean useValidationSymAlgo, Boolean signData) +1008
   System.Web.Configuration.MachineKeySection.EncryptOrDecryptData(Boolean fEncrypt, Byte[] buf, Byte[] modifier, Int32 start, Int32 length, IVType ivType, Boolean useValidationSymAlgo) +91
   System.Web.Security.FormsAuthentication.Decrypt(String encryptedTicket) +246
   mojoPortal.Web.mojoRoleProvider.GetRolesFromCookie() +146
   mojoPortal.Web.mojoRoleProvider.GetRolesForUser(String userName) +166
   System.Web.Security.RolePrincipal.IsInRole(String role) +164
   mojoPortal.Business.WebHelpers.WebUser.IsInRole(String role) +125
   mojoPortal.Business.WebHelpers.WebUser.get_IsAdmin() +45
   mojoPortal.Business.WebHelpers.WebUser.get_IsAdminOrContentAdmin() +8
   mojoPortal.Web.UI.AnalyticsAsyncTopScript.DoInit() +98
   mojoPortal.Web.UI.AnalyticsAsyncTopScript.OnInit(EventArgs e) +20
   System.Web.UI.Control.InitRecursive(Control namingContainer) +333
   System.Web.UI.Control.InitRecursive(Control namingContainer) +210
   System.Web.UI.Control.InitRecursive(Control namingContainer) +210
   System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +378

Version Information: Microsoft .NET Framework Version:2.0.50727.4952; ASP.NET Version:2.0.50727.4955

10/4/2010 6:41:12 AM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Server Error in '/' Application.

Hi Martin,

This is because of the windows update that fixed the ASP.NET security bug. Apparently part of their fix changed the error bahavior. Previously if there was an error decrypting a role cookie it was throwing a System.Security.Cryptography.CryptographicException (which we have error handling for), but after the update it now throws a more generic HttpException (which we did not previously catch but I have added it for the next release).

The error occurs when trying to decrypt the role cookie which was encrypted before the update was applied. Previously, if there was an error decrypting a role cookie, it was throwing a System.Security.Cryptography.CrypotgraphicException (which we were handling so the user would not experience any error). After the windows update it now throws a more generic HttpException which the current release does not handle so the user will see the error page, and the only way to solve it is to clear the cookie. I have added handling for the changed error for the next release of mojoPortal. There is one workaround you can do right away to solve this problem, you can add code to the ErrorPage.aspx in the root to clear the role cookie so that at least the user will only see the error page one time. To do this, edit the ErrorPage.aspx file with a text editor. At the top add this:

<%@ Import Namespace="mojoPortal.Business" %>
<%@ Import Namespace="mojoPortal.Business.WebHelpers" %>
<%@ Import Namespace="mojoPortal.Web" %>

then add this code to the bottom of the Page_Load event:

try
        {
            SiteSettings siteSettings = CacheHelper.GetCurrentSiteSettings();
            if (siteSettings != null)
            {
                string roleCookieName = SiteUtils.GetRoleCookieName(siteSettings);
                HttpCookie roleCookie = new HttpCookie(roleCookieName, string.Empty);
                roleCookie.HttpOnly = true;
                roleCookie.Path = "/";
                HttpContext.Current.Response.Cookies.Add(roleCookie);
            }
        }
        catch{}

Hope it helps,

Joe

10/4/2010 6:48:21 AM
Joe Audette
Gravatar
Total Posts 18439
View Posts

Re: Server Error in '/' Application.

I've just posted a blog post about this as I think many people will begin having this error after the windows update is applied.

http://www.mojoportal.com/the-fix-for-the-aspnet-security-bug-is-now-available-on-windows-update.aspx

Best,

Joe

10/4/2010 7:01:44 AM
MartinGer
Gravatar
Total Posts 10
View Posts

Re: Server Error in '/' Application.

Hi Joe,

great support here.

Just a small hint: I helped myself by deleting the cookie in Firefox.

Thanks,
Martin

You must sign in to post in the forums. This thread is closed to new posts.