Federated Authentication and "Error occurred during a cryptographic operation"

Asked 5/4, 2013 at 16:42 Answered 19/7, 2016 at 14:39

I got this exception when I try get my home page on ASP.NET MVC application.

[CryptographicException: Error occurred during a cryptographic operation.]
System.Web.Security.Cryptography.HomogenizingCryptoServiceWrapper.HomogenizeErrors(Func`2 func, Byte[] input) +246
System.IdentityModel.Services.MachineKeyTransform.Decode(Byte[] encoded) +191
System.IdentityModel.Tokens.SessionSecurityTokenHandler.ApplyTransforms(Byte[] cookie, Boolean outbound) +173
System.IdentityModel.Tokens.SessionSecurityTokenHandler.ReadToken(XmlReader reader, SecurityTokenResolver tokenResolver) +756
System.IdentityModel.Tokens.SessionSecurityTokenHandler.ReadToken(Byte[] token, SecurityTokenResolver tokenResolver) +100
System.IdentityModel.Services.SessionAuthenticationModule.ReadSessionTokenFromCookie(Byte[] sessionCookie) +1164
System.IdentityModel.Services.SessionAuthenticationModule.TryReadSessionTokenFromCookie(SessionSecurityToken& sessionToken) +287
System.IdentityModel.Services.SessionAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs eventArgs) +231
System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +80 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +165

From what I understand something get wrong in the cookie for SessionAuthenticationModule. If you clear the cookies (as stated already here Federated Authentication on Azure) it works. What I would like is to understand what is going on, how to catche the exceptions and fix the issue.

Gurgle answered 5/4, 2013 at 16:42 Comment(7)

How do you issue cookies? – Embryonic 5/4, 2013 at 16:49

Is your app on Azure? – Predisposition 5/4, 2013 at 16:54

@WiktorZychla: They were from a previous build and cached in my browser – Gurgle 5/4, 2013 at 16:57

@SimonHalsey: Yes they will be but for now they are run locally with the compute emulator, iis express, ... – Gurgle 5/4, 2013 at 16:58

Sounds like a duplicate of this then #14120465 – Embryonic 5/4, 2013 at 17:46

@WiktorZychla: Same problem I guess but wrong solution. We can't ask everyone to clean there cache when we see this error. What I would like is to understand what is going on, how to catche the exceptions and fix the issue. – Gurgle 5/4, 2013 at 18:42

Thr easiest workaround would be to change the name of the cookie in your cookie section of federation settings. This way old cookies would be discarded at the server side. – Embryonic 5/4, 2013 at 19:47

The cookie, when issued, contains security token encrypted using the current machineKey. When the cookie from the previous build is sent back to server, SAM (more precisely the token handler) tries to decrypt it using the new value of machineKey which causes the error. Check my answer in the related post (Federated Authentication on Azure) to mitigate the error. HTH

Nummary answered 24/4, 2013 at 21:46 Comment(0)

I faced the same problem. I just cleared all of browser's cookies and cache data and it got fixed.

Cappuccino answered 19/7, 2016 at 14:39 Comment(6)

In my case, It is fine since i fixed it. – Cappuccino 8/8, 2016 at 8:24

Well, how did you fix it? – Upwards 8/8, 2016 at 16:12

I was logged in with old credentials, i made some chages in my authentication and that exception occured. Then I washed-out all of my browser's cache and cookies and I logged out and logged in, problem solved. – Cappuccino 9/8, 2016 at 8:29

It is a quick fix, for make a solution work. This is not a full fix to the issue. – Kamala 28/4, 2017 at 0:34

what is the full fix then ? @Juan Acosta – Onlybegotten 16/10, 2017 at 8:10

@BaqerNaqvi so you are manually clearing the cookies each time you experience this problem? Great fix,.... – Phonetist 15/11, 2017 at 16:48

Recommended topics

Hot tags