• State Verified Answer
  • Replies 17 replies
  • Subscribers 94 subscribers
  • Views 1245 views
  • Users 0 members are here
Options
Related

After upgrading to 9.3 portal says "Potentially dangerous behavior was detected"

henrik a johansson
3 months ago

Hi.

Just upgraded to 9.3 and installed the ApiServer. But when I try to access the portal it says "Potentially dangerous behavior was detected. The request will be ignored."

Then I found the fix for that: Unable to log in to the web portal after an upgrade to 9.x (4369782)

But that didn't work:

C:\Program Files\One Identity\One Identity Manager>imxclient edit-config /path C:\inetpub\wwwroot\ApiServer\web.config -T
ImxClient 9.3 v93-278876
© 2024 One Identity LLC. All rights reserved.

Attempting to connect to database...
Could not open connection, using connection dialog as fallback.
Info: Opening connection dialog...
Info: Starting C:\Users\acme-user\AppData\Local\One Identity\One Identity Manager\Cache\Updater\7tPuSSQLx47VzF9_PDF0KmqR_tSYZ97XQQye6mBi\Update.dll at 2025-01-13 09:40:51
Info: Checking for updates...
Info: User acme-user (Dialog user: acme-user, X fields: acme-user) authenticated.
Warn: Command edit-config failed with exception.VI.Base.ViException: No configuration data for the web application "<empty>" was found in the database, or an error occurred while loading. Check the configuration and the application log files.
   at VI.Web.ConfigBase.WebAppDbConfig.Load(IConnection connection, String baseUrl, Boolean createMissing)
   at VI.ImxClient.EditConfig.EditConfigPlugin.SetTrustedSourceKey(EditConfigArgs cargs, String newKey)
   at VI.ImxClient.EditConfig.EditConfigPlugin.Execute(String[] args, EditConfigArgs cargs)
   at VI.ImxClient.PluginBase`1.Execute(String[] args, Object argso)
   at VI.ImxClient.CommandRunner.Run(String[] args)    at VI.Web.ConfigBase.WebAppDbConfig.Load(IConnection connection, String baseUrl, Boolean createMissing)
   at VI.ImxClient.EditConfig.EditConfigPlugin.SetTrustedSourceKey(EditConfigArgs cargs, String newKey)
   at VI.ImxClient.EditConfig.EditConfigPlugin.Execute(String[] args, EditConfigArgs cargs)
   at VI.ImxClient.PluginBase`1.Execute(String[] args, Object argso)
   at VI.ImxClient.CommandRunner.Run(String[] args)
--- Error report ---
[1798015] No configuration data for the web application "<empty>" was found in the database, or an error occurred while loading. Check the configuration and the application log files.
                <at VI.ImxClient.CommandRunner.Run(String[] args)>              <at VI.ImxClient.PluginBase`1.Execute(String[] args, Object argso)>             <at VI.ImxClient.EditConfig.EditConfigPlugin.Execute(String[] args, EditConfigArgs cargs)>              <at VI.ImxClient.EditConfig.EditConfigPlugin.SetTrustedSourceKey(EditConfigArgs cargs, String newKey)>          <at VI.Web.ConfigBase.WebAppDbConfig.Load(IConnection connection, String baseUrl, Boolean createMissing)>
--- end ---

Failure: Command edit-config failed with exception.

If I go to Designer -> Web Server configurations -> and then select the ApiServer, the foreign key for Program is Empty as stated in the error message above.

Anyone have any clues?

/Henrik

Parents
  • 0 3 months ago

    Did you specify the trusted source key during installation of the API Server? It seems you did not.

  • 0 3 months ago in reply to Markus Weiss-Ehlers

    Where can I find the trusted source key? Do I generate it? If so, how?

  • 0 3 months ago in reply to henrik a johansson

    I admit I wasn't clear enough in my comment.

    You normally specify the trusted source key during the wizard driven (GUI based) installation of the API Server.

    That's what my question was. Did you specify the key during the installation?

  • 0 3 months ago in reply to Markus Weiss-Ehlers

    I tried this:
    imxclient edit-config /path <web.config file path> /trustedsourcekey <Key>

    with the key I entered in the installation but the same error occurred.

    Do you know why Designer -> Web Server configurations -> ApiServer -> Program is empty?

  • 0 3 months ago in reply to henrik a johansson

    It is empty by intention in 9.3 as the API Server can host more than one type of program (Web portal, Password Reset Portal, ...) that might require different authenticator settings.

    So the imxclient option seems to be buggy.

  • 0 3 months ago in reply to henrik a johansson

    Mmh... In that case - the API Server shouldn't come up with the error message.

    Can you post (obfuscated of course) web.config and appsettings.json from the API Server?

  • 0 3 months ago in reply to Markus Weiss-Ehlers

    web.config:

    <?xml version="1.0"?>
<configuration>

  <connectionStrings configProtectionProvider="DataProtectionConfigurationProvider">
    <EncryptedData>
      <CipherData>
        <CipherValue>LoremipsumdolorsitametconsecteturadipiscingelitNullamviverramassaegetmolestielaciniafelistellussagittisjustoatlobortismagnadolordapibusnibhInaliquammassaidvolutpatvariusturpissapienvolutpatdolorquistristiqueauguedolorvelnuncFusceutlobortismetusVestibulumvulputatepurussitametnequemalesuadarhoncusNullambibendumveliteuquamscelerisqueblanditPellentesqueduifelisaliquetvitaedictumdapibusrhoncuseuerosIntegeratsapienconsequatdapibusmagnaegetsollicitudinlacusUtcursusaugueeuelitvehiculaegetegestasloremconsequatVivamusmetusloremtinciduntidblanditquissuscipitnonneque==</CipherValue>
      </CipherData>
    </EncryptedData>
  </connectionStrings>
  <system.web>

    <!-- MaxRequestLength in KB -->
    <httpRuntime enableVersionHeader="false" maxRequestLength="10240" executionTimeout="3600" />

  </system.web>

	<system.webServer>
  <handlers>
   <add name="aspNetCore" path="*" verb="*" modules="AspNetCoreModuleV2"
    resourceType="Unspecified" />
  </handlers>
  <aspNetCore processPath="dotnet" arguments=".\bin\QBM.CompositionApi.Server.AspNet.dll"
   startupTimeLimit="1200" stdoutLogEnabled="true" stdoutLogFile=".\App_Data\Logs"
   hostingModel="inprocess">
  </aspNetCore>
  <urlCompression doStaticCompression="true" doDynamicCompression="true" />
  <security>
   <requestFiltering>
    <requestLimits maxQueryString="32768" />
   </requestFiltering>
  </security>
 </system.webServer>
</configuration>

    appsettings.json:

    {
  "Settings": {
    "DeploymentTarget": "Server\\Web\\BusinessApiServer",
    "BaseURL": "https://acme.com/ApiServer/"
  },
  "ConnectionStrings": {},
  "RuntimeDirs": {
    "Cache": "C:\\inetpub\\wwwroot\\ApiServer\\App_Data\\Cache\\Cache",
    "AssemblyCache": "C:\\inetpub\\wwwroot\\ApiServer\\App_Data\\Cache\\AssemblyCache"
  },
  "ConnectionBehaviour": {
    "TokenCertificateThumbprint": "LOREMIPSUM",
    "CheckSessionCertificate": "True"
  }
}

  • 0 3 months ago in reply to henrik a johansson

    Looks okay to me. Can you try to restart the server?

    in addition.

    What runtimes are installed?

    Use the following command in a shell on the server hosting the weeb applications.

    dotnet --list-runtimes

Reply Children