dotNetOpenID__此消息已被处理_错误(第2部分)

已经问过了 Here 但我没有,手术室接受了一个对我没有帮助的回答。到目前为止,我尝试从不同的浏览器登录,更改web配置,清除cookie,以及从外部机器加载。

事实上,我最终发现这个问题是我自己的机器特有的;当我发布到另一台机器上时,它工作得很好。在哪里寻找解决方案有什么建议吗?我故意使用了我能想到的最简单的测试代码,一个干净的空ASPX页和一个简单的 Page_Load 功能。

编辑 :要澄清,与原始问题的作者一样,我收到一个“此消息已处理”错误。这是打印出来的 Response.Write(response.Exception.ToString()); . 我相信这个问题与配置有关,不像其他作者,因为症状只出现在我的本地框中。注意,这些症状与我是否在运行代码的同一个框上测试无关。

    protected void Page_Load(object sender, EventArgs e)
    {
        using (OpenIdRelyingParty openid = new OpenIdRelyingParty())
        {
            IAuthenticationResponse response = openid.GetResponse();
            if (response != null)
            {
                try
                {
                    Response.Write(response.Exception.ToString());
                }
                catch (Exception)
                {
                }
                return;
            }
        }

        using (OpenIdRelyingParty openid = new OpenIdRelyingParty())
        {
            IAuthenticationRequest request = openid.CreateRequest(@"https://www.google.com/accounts/o8/id");
            request.RedirectToProvider();
        }

    }

错误信息:

dotNetOpenAUTH.messaging.bindings.replayedMessageException:此消息已被处理。这可能表示正在进行重播攻击。位于c:\teamcity\buildagent\work\bf9e2ca68b75a334\src\dotnetopenauth\messaging\bindings\standardreplayprotectionbindingement.cs:dotnetopenauth.messaging.channel.processincomingmessage(iprotocolmessage message)中的第129行c:\teamcity\buildagent\work\bf9e2ca68b75a334\src\dotnetopenauth\messaging\channel.cs:line 990 at dotnetopenauth.openid.channelelements.openid channel.processincomingmessage(iprotocolmessage message)in c:\teamcity\buildagent\work\bf9e2ca68b75a334\src\dotnetopenauth\openid\channelelements\openid channel.cs:line 172 at dotnetopenc:\teamcity\buildagent\work\bf9e2ca68b75a334\src\dotnetopenauth\messaging\channel.cs:dotnetopenauth.openid.relyingparty.openid relyingparty.getresponse(httprequestinfo httprequestinfo)in c:\teamcity\buildagent\work\bf9e2ca68b75a334\src\dotnetopenauth\openid\relyingparty\openidrelyingparT.Cs:第498行

日志:

2010-02-01 14:19:57,238 (GMT-5) [4] INFO  DotNetOpenAuth - DotNetOpenAuth, Version=3.4.0.10015, Culture=neutral, PublicKeyToken=2780ccd10d57b246 (official)
2010-02-01 14:19:57,253 (GMT-5) [4] INFO  DotNetOpenAuth - Reporting will use isolated storage with scope: User, Domain, Assembly
2010-02-01 14:19:57,270 (GMT-5) [4] INFO  DotNetOpenAuth.Messaging.Channel - Scanning incoming request for messages: http://mymachine/OpenIDGizmo/snort.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fud&openid.response_nonce=[snip4]%3A[snip5]%3A[snip6]&openid.return_to=http%3A%2F%2Fmymachine%2FOpenIDGizmo%2Fsnort.aspx%3Fdnoa.userSuppliedIdentifier%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252Fo8%252Fid&openid.assoc_handle=[snip3]&openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=[snip2]%2F[snip7]%3D&openid.identity=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D[snip1]&openid.claimed_id=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D[snip1]
2010-02-01 14:19:57,272 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Incoming HTTP request: GET http://mymachine/OpenIDGizmo/snort.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fud&openid.response_nonce=[snip4]%3A[snip5]%3A[snip6]&openid.return_to=http%3A%2F%2Fmymachine%2FOpenIDGizmo%2Fsnort.aspx%3Fdnoa.userSuppliedIdentifier%3Dhttps%253A%252F%252Fwww.google.com%252Faccounts%252Fo8%252Fid&openid.assoc_handle=[snip3]&openid.signed=op_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=[snip2]%2F[snip7]%3D&openid.identity=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D[snip1]&openid.claimed_id=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid%3Fid%3D[snip1]
2010-02-01 14:19:57,360 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Incoming request received: PositiveAssertionResponse
2010-02-01 14:19:57,364 (GMT-5) [4] INFO  DotNetOpenAuth.Messaging.Channel - Processing incoming PositiveAssertionResponse (2.0) message:
    openid.claimed_id: https://www.google.com/accounts/o8/id?id=[snip1]
    openid.identity: https://www.google.com/accounts/o8/id?id=[snip1]
    openid.sig: [snip2]/[snip7]=
    openid.signed: op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle
    openid.assoc_handle: [snip3]
    openid.op_endpoint: https://www.google.com/accounts/o8/ud
    openid.return_to: http://mymachine/OpenIDGizmo/snort.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid
    openid.response_nonce: [snip4]:[snip5]:[snip6]
    openid.mode: id_res
    openid.ns: http://specs.openid.net/auth/2.0
    dnoa.userSuppliedIdentifier: https://www.google.com/accounts/o8/id

2010-02-01 14:19:57,373 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement did not apply to message.
2010-02-01 14:19:57,374 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement did not apply to message.
2010-02-01 14:19:57,376 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Verifying incoming PositiveAssertionResponse message signature of: [snip2]=
2010-02-01 14:19:57,388 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Preparing to send CheckAuthenticationRequest (2.0) message.
2010-02-01 14:19:57,399 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElement did not apply to message.
2010-02-01 14:19:57,399 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions did not apply to message.
2010-02-01 14:19:57,400 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement did not apply to message.
2010-02-01 14:19:57,400 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement did not apply to message.
2010-02-01 14:19:57,401 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement did not apply to message.
2010-02-01 14:19:57,401 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement did not apply to message.
2010-02-01 14:19:57,402 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did not apply to message.
2010-02-01 14:19:57,402 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement did not apply to message.
2010-02-01 14:19:57,403 (GMT-5) [4] INFO  DotNetOpenAuth.Messaging.Channel - Prepared outgoing CheckAuthenticationRequest (2.0) message for https://www.google.com/accounts/o8/ud: 
    openid.return_to: http://mymachine/OpenIDGizmo/snort.aspx?dnoa.userSuppliedIdentifier=https%3A%2F%2Fwww.google.com%2Faccounts%2Fo8%2Fid
    openid.mode: check_authentication
    openid.ns: http://specs.openid.net/auth/2.0
    openid.claimed_id: https://www.google.com/accounts/o8/id?id=[snip1]
    openid.identity: https://www.google.com/accounts/o8/id?id=[snip1]
    openid.sig: [snip2]=
    openid.signed: op_endpoint,claimed_id,identity,return_to,response_nonce,assoc_handle
    openid.assoc_handle: [snip3]
    openid.op_endpoint: https://www.google.com/accounts/o8/ud
    openid.response_nonce: [snip4]:[snip5]:[snip6]
    dnoa.userSuppliedIdentifier: https://www.google.com/accounts/o8/id

2010-02-01 14:19:57,403 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Sending CheckAuthenticationRequest request.
2010-02-01 14:19:57,916 (GMT-5) [4] DEBUG DotNetOpenAuth.Http - HTTP POST https://www.google.com/accounts/o8/ud
2010-02-01 14:19:57,992 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - Received CheckAuthenticationResponse response.
2010-02-01 14:19:57,992 (GMT-5) [4] INFO  DotNetOpenAuth.Messaging.Channel - Processing incoming CheckAuthenticationResponse (2.0) message:
    is_valid: true
    ns: http://specs.openid.net/auth/2.0

2010-02-01 14:19:57,993 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToSignatureBindingElement did not apply to message.
2010-02-01 14:19:57,993 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.BackwardCompatibilityBindingElement did not apply to message.
2010-02-01 14:19:57,993 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement did not apply to message.
2010-02-01 14:19:57,993 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardExpirationBindingElement did not apply to message.
2010-02-01 14:19:57,994 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.Messaging.Bindings.StandardReplayProtectionBindingElement did not apply to message.
2010-02-01 14:19:57,995 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ReturnToNonceBindingElement did not apply to message.
2010-02-01 14:19:57,995 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.RelyingPartySecurityOptions did not apply to message.
2010-02-01 14:19:57,997 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.ExtensionsBindingElement did not apply to message.
2010-02-01 14:19:57,997 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Channel - After binding element processing, the received CheckAuthenticationResponse (2.0) message is: 
    is_valid: true
    ns: http://specs.openid.net/auth/2.0

2010-02-01 14:19:57,997 (GMT-5) [4] DEBUG DotNetOpenAuth.Messaging.Bindings - Binding element DotNetOpenAuth.OpenId.ChannelElements.SigningBindingElement applied to message.

Web.CONFIG:

<?xml version="1.0"?>

<configuration>
  <configSections>
    <section name="log4net" type="log4net.Config.Log4NetConfigurationSectionHandler" requirePermission="false" />
    <section name="uri" type="System.Configuration.UriSection, 
            System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
    <section name="dotNetOpenAuth" type="DotNetOpenAuth.Configuration.DotNetOpenAuthSection"
            requirePermission="false" allowLocation="true"/>
  </configSections>

  <uri>
    <idn enabled="All"/>
    <iriParsing enabled="true"/>
  </uri>

  <appSettings/>
  <connectionStrings/>

  <system.web>
    <!-- 
            Set compilation debug="true" to insert debugging 
            symbols into the compiled page. Because this 
            affects performance, set this value to true only 
            during development.
        -->
    <compilation debug="true" />
    <!--
            The <authentication> section enables configuration 
            of the security authentication mode used by 
            ASP.NET to identify an incoming user. 
        -->
    <authentication mode="Windows" />
    <!--
            The <customErrors> section enables configuration 
            of what to do if/when an unhandled error occurs 
            during the execution of a request. Specifically, 
            it enables developers to configure html error pages 
            to be displayed in place of a error stack trace.

        <customErrors mode="RemoteOnly" defaultRedirect="GenericErrorPage.htm">
            <error statusCode="403" redirect="NoAccess.htm" />
            <error statusCode="404" redirect="FileNotFound.htm" />
        </customErrors>
        -->
  </system.web>

  <dotNetOpenAuth>
    <openid maxAuthenticationTime="0:05" cacheDiscovery="true">
      <relyingParty>
        <security
                    requireSsl="false"
                    minimumRequiredOpenIdVersion="V10"
                    minimumHashBitLength="160"
                    maximumHashBitLength="256"
                    requireDirectedIdentity="false"
                    requireAssociation="false"
                    rejectUnsolicitedAssertions="false"
                    rejectDelegatingIdentifiers="false"
                    ignoreUnsignedExtensions="false"
                    privateSecretMaximumAge="07:00:00" />
        <behaviors>
          <!-- <add type="Fully.Qualified.ClassName, Assembly" /> -->
        </behaviors>
        <store type="Fully.Qualified.ClassName, Assembly" />
      </relyingParty>
      <provider>
        <security
                    requireSsl="false"
                    protectDownlevelReplayAttacks="true"
                    minimumHashBitLength="160"
                    maximumHashBitLength="512">
          <associations>
            <add type="HMAC-SHA1" lifetime="14.00:00:00" />
            <add type="HMAC-SHA256" lifetime="14.00:00:00" />
          </associations>
        </security>
        <behaviors>
          <!-- <add type="Fully.Qualified.ClassName, Assembly" /> -->
        </behaviors>
        <store type="Fully.Qualified.ClassName, Assembly" />
      </provider>
      <extensionFactories>
        <add type="FullyQualifiedClass.Implementing.IOpenIdExtensionFactory, Assembly" />
      </extensionFactories>
    </openid>
    <messaging clockSkew="00:10:00" lifetime="00:03:00">
      <untrustedWebRequest
                timeout="00:01:10"
                readWriteTimeout="00:00:21.500"
                maximumBytesToRead="1048576"
                maximumRedirections="10">
        <whitelistHosts>
          <!-- since this is a sample, and will often be used with localhost -->
          <!-- <add name="localhost" /> -->
        </whitelistHosts>
        <whitelistHostsRegex>
          <!-- since this is a sample, and will often be used with localhost -->
          <!-- <add name="\.owndomain\.com$" /> -->
        </whitelistHostsRegex>
        <blacklistHosts>
        </blacklistHosts>
        <blacklistHostsRegex>
        </blacklistHostsRegex>
      </untrustedWebRequest>
    </messaging>
  </dotNetOpenAuth>


  <!-- log4net is a 3rd party (free) logger library that dotnetopenid will use if present but does not require. -->
  <log4net>
    <appender name="RollingFileAppender" type="log4net.Appender.RollingFileAppender">
      <file value="c:\\tmp\\toto\\RelyingParty2.log" />
      <appendToFile value="true" />
      <immediateFlush value="true" />
      <rollingStyle value="Size" />
      <maxSizeRollBackups value="10" />
      <maximumFileSize value="100KB" />
      <staticLogFileName value="true" />
      <layout type="log4net.Layout.PatternLayout">
        <conversionPattern value="%date (GMT%date{%z}) [%thread] %-5level %logger - %message%newline" />
      </layout>
    </appender>
    <appender name="TracePageAppender" type="OpenIdRelyingPartyWebForms.Code.TracePageAppender, OpenIdRelyingPartyWebForms">
      <layout type="log4net.Layout.PatternLayout">
        <conversionPattern value="%date (GMT%date{%z}) [%thread] %-5level %logger - %message%newline" />
      </layout>
    </appender>
    <!-- Setup the root category, add the appenders and set the default level -->
    <root>
      <level value="INFO" />
      <appender-ref ref="RollingFileAppender" />
      <!--<appender-ref ref="TracePageAppender" />-->
    </root>
    <!-- Specify the level for some specific categories -->
    <logger name="DotNetOpenAuth">
      <level value="ALL" />
    </logger>
  </log4net>

</configuration>