Archive

Author Archive

Timeout Issue SAML Authentication

February 20, 2014 Leave a comment

At customer project we have introduced a SAML based SSO Authentication process using an PING Federate Infrastructure. This strucutre was working sometimes for unspecific amount of time and then it failed sending us nothing then a timeout.

The ULS gave us not a good idea about the issue, as it does not throw an exception that was related to this issue. We encountered that Security Token Service was also working fine.

After spending hours of research also together with Microsoft Support we finally found the solution. It was hidden in the ULS VerboseEx Messages.

The time out is occurring because SPCertificateValidator.Validate function for 4 certificates (We are using 4 Certificates to make SAML possible) takes 135118 ms = 135 s = more than 2 minutes. In scenarios where there is no internet connection this can occur because the certificates are validated over the network against a CRL or CTL and for these types of scenarios in order for the check over network to not occur for a long timeframe below local policies can be defined to limit the timeframe allowed for certificates check:

Inside Computer Configuration -> Windows ->Security settings ->Public Key Policies -> Certificate Path validation settings > Network Retrieval :

- Uncheck “Automatically update certificates from Microsoft root certification program” 

- Set Default URL retrieval timeout settings : 1

- Set Default path validation cumulative retrieval timeout : 1

This solution is now working for us and authentication is possible the whole day and not only some hours.

Why it was working sometimes and sometimes not, i am not sure. Perhaps sometimes the timeout was not hit, and the validation was cached anyhow. 

2014-02-20 10_53_45-SpeaPRE300sWFES - Remote Desktop Connection Manager v2.2

Categories: Uncategorized

Azure is the fastest Cloud in the World

October 9, 2011 Leave a comment

Very Interesting Test Apporach. And a non expected result. Saying that in a long term test setup. Azure has the  best quality to deliever.

Windows Azure beats Amazon EC2, Google App Engine in cloud speed test
http://arstechnica.com/business/news/2011/10/windows-azure-faster-than-amazon-ec2-and-google-app-engine-in-yearlong-cloud-speed-test.ars

Categories: Uncategorized

Cloud Event @Logica 12th July Munich

Good Food and Some Drinks for all who are interested in attending an interesting event on cloud and security.

Sign Up:

http://www.logica.de/we-are-logica/media-centre/events/2011/cloud/

Categories: Uncategorized

#Computerwoche Article is Online

Categories: Uncategorized

n, ge…getting a security check of companies online systems, #priceless.

http://www.thehackernews.com/2011/05/lulzsec-leak-sonys-japanese-websites.html

Its more and more getting a game, finding the next db to hack in. I assume they will not stop until all sonypages are security proofed.

Loosing ps3 online system costs 100 million revenue, decreasing reputation on sharemarkets cost 1 billion, getting a security check of companies online systems, priceless.

Categories: Uncategorized

#Cloud Meeting in Munich @Logica May 19th

April 29, 2011 Leave a comment

My Session @ Cloud Stammtisch

I proudly announce the next Munich Cloud Session on May 19th, hosted by Logica.

There i am invited to explain our concept of developing Sharepoint in the cloud.

If you like to join us, visit this Xing Group or contact me directly.

Categories: Ideas Tags:

#Sharepoint Application Lifecylce #SPALM

April 29, 2011 Leave a comment

Very interesting approach we are using in our latest Sharepoint Project.

http://spsf.codeplex.com/

Categories: Uncategorized
Follow

Get every new post delivered to your Inbox.