• SPClaimsUtility.AuthenticateFormsUser的证书验证问题


    Log Parser Studio查看IIS日志发现调用SPClaimsUtility.AuthenticateFormsUser的部分有time-taken在15秒左右的多个响应,查看call stack如下:

    Child-SP         RetAddr          Call Site
    00000000122ad290 000007fef1a7856b DomainNeutralILStubClass.IL_STUB(IntPtr, System.Security.Cryptography.SafeCertContextHandle, System.Runtime.InteropServices.ComTypes.FILETIME ByRef, System.Security.Cryptography.SafeCertStoreHandle, CERT_CHAIN_PARA ByRef, UInt32, IntPtr, System.Security.Cryptography.SafeCertChainHandle ByRef)
    00000000122ad4e0 000007fef1a7812e System.Security.Cryptography.X509Certificates.X509Chain.BuildChain(IntPtr, System.Security.Cryptography.SafeCertContextHandle, System.Security.Cryptography.X509Certificates.X509Certificate2Collection, System.Security.Cryptography.OidCollection, System.Security.Cryptography.OidCollection, System.Security.Cryptography.X509Certificates.X509RevocationMode, System.Security.Cryptography.X509Certificates.X509RevocationFlag, System.DateTime, System.TimeSpan, System.Security.Cryptography.SafeCertChainHandle ByRef)
    00000000122ad5d0 000007fee933b805 System.Security.Cryptography.X509Certificates.X509Chain.Build(System.Security.Cryptography.X509Certificates.X509Certificate2)
    00000000122ad700 000007fee9250394 Microsoft.SharePoint.SPCertificateValidator+SPImmutableCertificateValidator.Validate(System.Security.Cryptography.X509Certificates.X509Certificate2)
    00000000122ad760 000007fee610b908 Microsoft.SharePoint.SPCertificateValidator.Validate(System.Security.Cryptography.X509Certificates.X509Certificate2)
    00000000122ad7d0 000007ff0026fc53 Microsoft.IdentityModel.Tokens.Saml11.Saml11SecurityTokenHandler.ValidateToken(System.IdentityModel.Tokens.SecurityToken)
    00000000122ad880 000007ff00279fc1 Microsoft.SharePoint.IdentityModel.SPFederationAuthenticationModule.AuthenticateUser(System.IdentityModel.Tokens.SecurityToken)
    00000000122ad8d0 000007fee899ec7c Microsoft.SharePoint.IdentityModel.SPFederationAuthenticationModule.SetPrincipalAndWriteSessionToken(System.IdentityModel.Tokens.SecurityToken, Microsoft.SharePoint.IdentityModel.SPSessionTokenWriteType)
    00000000122ad980 000007ff00279a48 Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated)
    00000000122ad9d0 000007ff00202f60 Microsoft.SharePoint.IdentityModel.SPClaimsUtility.AuthenticateFormsUser(System.Uri, System.String, System.String)

    网上有3种解决方案,个人推荐安装证书,操作参考如下:

    1、已管理员身份运行SharePoint 2010 Management Shell。

    2、执行以下命令:

    $rootCert = (Get-SPCertificateAuthority).RootCertificate 
    $rootCert.Export("Cert") | Set-Content C:SharePointRootAuthority.cer -Encoding byte

    3、安装导出的证书” SharePointRootAuthority.cer”至受信任的根证书颁发机构。

  • 相关阅读:
    如何在phpstorm中安装xdebug调试工具
    php判断远程图片或文件是否存在
    在centos6.7中lnmp环境下安装swoole插件和pthreads插件
    linux中常用的命令
    PHP获取远程文件的几种方式
    TextView实现长按复制功能
    android 字体大小自适应
    Android 相机,视频录制
    转 数据存储方式
    转 String,StringBuffer与StringBuilder的区别??
  • 原文地址:https://www.cnblogs.com/junchu25/p/3985769.html
Copyright © 2020-2023  润新知