zoukankan      html  css  js  c++  java

  • SPClaimsUtility.AuthenticateFormsUser的证书验证问题

    Log Parser Studio查看IIS日志发现调用SPClaimsUtility.AuthenticateFormsUser的部分有time-taken在15秒左右的多个响应,查看call stack如下:

    Child-SP         RetAddr          Call Site
00000000122ad290 000007fef1a7856b DomainNeutralILStubClass.IL_STUB(IntPtr, System.Security.Cryptography.SafeCertContextHandle, System.Runtime.InteropServices.ComTypes.FILETIME ByRef, System.Security.Cryptography.SafeCertStoreHandle, CERT_CHAIN_PARA ByRef, UInt32, IntPtr, System.Security.Cryptography.SafeCertChainHandle ByRef)
00000000122ad4e0 000007fef1a7812e System.Security.Cryptography.X509Certificates.X509Chain.BuildChain(IntPtr, System.Security.Cryptography.SafeCertContextHandle, System.Security.Cryptography.X509Certificates.X509Certificate2Collection, System.Security.Cryptography.OidCollection, System.Security.Cryptography.OidCollection, System.Security.Cryptography.X509Certificates.X509RevocationMode, System.Security.Cryptography.X509Certificates.X509RevocationFlag, System.DateTime, System.TimeSpan, System.Security.Cryptography.SafeCertChainHandle ByRef)
00000000122ad5d0 000007fee933b805 System.Security.Cryptography.X509Certificates.X509Chain.Build(System.Security.Cryptography.X509Certificates.X509Certificate2)
00000000122ad700 000007fee9250394 Microsoft.SharePoint.SPCertificateValidator+SPImmutableCertificateValidator.Validate(System.Security.Cryptography.X509Certificates.X509Certificate2)
00000000122ad760 000007fee610b908 Microsoft.SharePoint.SPCertificateValidator.Validate(System.Security.Cryptography.X509Certificates.X509Certificate2)
00000000122ad7d0 000007ff0026fc53 Microsoft.IdentityModel.Tokens.Saml11.Saml11SecurityTokenHandler.ValidateToken(System.IdentityModel.Tokens.SecurityToken)
00000000122ad880 000007ff00279fc1 Microsoft.SharePoint.IdentityModel.SPFederationAuthenticationModule.AuthenticateUser(System.IdentityModel.Tokens.SecurityToken)
00000000122ad8d0 000007fee899ec7c Microsoft.SharePoint.IdentityModel.SPFederationAuthenticationModule.SetPrincipalAndWriteSessionToken(System.IdentityModel.Tokens.SecurityToken, Microsoft.SharePoint.IdentityModel.SPSessionTokenWriteType)
00000000122ad980 000007ff00279a48 Microsoft.SharePoint.Utilities.SecurityContext.RunAsProcess(CodeToRunElevated)
00000000122ad9d0 000007ff00202f60 Microsoft.SharePoint.IdentityModel.SPClaimsUtility.AuthenticateFormsUser(System.Uri, System.String, System.String)

    网上有3种解决方案,个人推荐安装证书,操作参考如下:

    1、已管理员身份运行SharePoint 2010 Management Shell。

    2、执行以下命令:

    $rootCert = (Get-SPCertificateAuthority).RootCertificate 
$rootCert.Export("Cert") | Set-Content C:SharePointRootAuthority.cer -Encoding byte

    3、安装导出的证书” SharePointRootAuthority.cer”至受信任的根证书颁发机构。
  • 相关阅读:
    hdu 5648 DZY Loves Math 组合数+深搜(子集法)
    hdu 5647 DZY Loves Connecting 树形DP
    hdu 4550 卡片游戏 贪心
    hdu 5646 DZY Loves Partition 二分+数学分析+递推
    hdu 2196 Computer 树形DP
    poj 2342 Anniversary party 树形DP入门
    Vijos P1003 等价表达式 随机数+单调栈
    【BZOJ】1044: [HAOI2008]木棍分割 二分+区间DP
    【BZOJ】1925: [Sdoi2010]地精部落 DP+滚动数组
    【BZOJ】1012: [JSOI2008]最大数maxnumber 树状数组求区间最值
  • 原文地址:https://www.cnblogs.com/junchu25/p/3985769.html
Copyright © 2011-2022 走看看