"No OpenID endpoint found" on Azure Website

Asked 10/6, 2012 at 14:18 Answered 24/1, 2013 at 15:9

Solved azure dotnetopenauth azure-web-app-service

I have a strange issue with a MVC 3 app running as an Azure Website. I have had issues with Azure in the past, but the new Website concept works almost perfectly, except for this:

DotNetOpenAuth.Messaging.ProtocolException: No OpenID endpoint found.

This only happens with Google, only on Azure. Running locally it works fine, running on AppHarbor it works fine, but on Azure every attempt to use Google for OpenID login will result in a server error due to that exception (tracked using Airbrake).

See for yourself, try logging in with Google on my website and if you immediately get a server error page it means DNOA is throwing up. All other login methods work fine, including Yahoo and AOL which are also OpenID.

P.S.: Don't try it too many times though, AirBrake will happily spam my email address :<

Gunpaper answered 10/6, 2012 at 14:18 Comment(6)

Would you please try to add OAuth logging to your application as described here to get more info why it is failing on Windows Azure dotnetopenauth.net/developers/help/… – Heighten 10/6, 2012 at 17:35

@Heighten I tried using Glimpse but the DNOA tab is inactive, suggesting that nothing is being logged. – Gunpaper 10/6, 2012 at 18:9

@AndrewArnott I tried using log4net directly, nothing is being logged apparently. – Gunpaper 11/6, 2012 at 15:46

I am not familiar with DotNetOpenAuth. But I suggest you to use Windows Azure ACS. It also supports Google as an identity provider, and it works fine in Windows Azure. – Tan 12/6, 2012 at 11:11

@MingXu-MSFT, wouldn't that require 1) using cloud services instead of websites, 2) rewriting the whole auth code, 3) locking myself to Azure exclusively. And would that even run locally? The emulator isn't... that great, deployment to cloud services is really slow, etc. No thanks. – Gunpaper 12/6, 2012 at 17:31

@MirceaChirea I'm having the exact same problem but it only occurs the first time, once per app start, it seems. Also I'm only using google at the moment so IDK if anything else is causing this. – Vermeil 13/6, 2012 at 17:17

Try adding this code to your web site before calling OpenIdRelyingParty.CreateRequest:

ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3;

In some Azure configurations this has been shown to resolve the issue.

Dangle answered 20/6, 2012 at 3:22 Comment(3)

Thank you! This worked perfectly for me. Do you have a more in-depth explanation into why this is necessary? – Every 20/6, 2012 at 23:26

It seems that those on the new Azure preview web hosting service are running their sites in a new environment/sandbox, where the default SSL settings are non-standard. When sending an HTTP request to Google, SSL v3 is (apparently) used and the default configuration, whatever it is, can't adjust to it without a little help. The Azure folks are working on the problem so that it works by default in the future. – Dangle 21/6, 2012 at 15:20

This answer fixed the problem for accessing Google APIs. However, I am still having the same problem with accessing Exchange Web Services even with this workaround implemented. – Mettle 2/7, 2012 at 5:26

-1

I had this function in global.asax:

AreaRegistration.RegisterAllAreas();

After removing this line, all works perfectly.

I've added some areas in my app, this function was added automatically by VS2012.

Atchison answered 24/1, 2013 at 15:9 Comment(0)

Recommended topics

Hot tags