这个错误让我疯了两天!
我有一个 web 服务器和一个 adfs 服务器(都是 windows server 2012)。我正确配置了 adfs。我可以看到 adfs/ls 身份验证页面,并且可以使用 AD 用户从 adfs 服务器登录。当我尝试从 Web 服务器访问 adfs/ls 身份验证页面时,会正确重定向到 adfs 服务器,因此我可以输入我的用户名和密码。什么时候回来我在页面上收到此错误:
There was a problem accessing the site. Try to browse to the site again.
If the problem persists, contact the administrator of this site and provide the reference number to identify the problem.
Authentication failed. Close the browser and try again, or contact your administrator for more information.
Reference number: 8949f368-ee3b-4c94-a749-63950dfc42b9
在 adfs 服务器上,我有这个事件 id 111:
The Federation Service encountered an error while processing the WS-Trust request.
Request type: http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue
Additional Data
Exception details:
Microsoft.IdentityServer.Framework.SecurityTokenService.FailedAuthenticationException: MSIS3055: The requested relying party trust 'http://myserver.com/MyApplication' is unspecified or unsupported. If a relying party trust was specified, it is possible the user does not have permission to access the relying party trust. ---> Microsoft.IdentityServer.Service.Policy.PolicyServer.Engine.ScopeNotFoundPolicyRequestException: MSIS3020: The relying party trust with identifier 'http://myserver.com/MyApplication' could not be located.
--- End of inner exception stack trace ---
at System.IdentityModel.AsyncResult.End(IAsyncResult result)
at System.ServiceModel.Security.WSTrustServiceContract.ProcessCoreAsyncResult.End(IAsyncResult ar)
at System.ServiceModel.Security.WSTrustServiceContract.EndProcessCore(IAsyncResult ar, String requestAction, String responseAction, String trustNamespace)
Microsoft.IdentityServer.Service.Policy.PolicyServer.Engine.ScopeNotFoundPolicyRequestException: MSIS3020: The relying party trust with identifier 'http://myserver.com/MyApplication' could not be located.
在两台服务器中都配置了依赖方信任,证书也是正确的,但显然有些东西丢失或错误。任何帮助将非常感激!