Problem with example 8-ActiveRestClientFederation in A Guide to Claims-based Identity and Access Control (second edition)

Jan 18, 2013 at 9:14 AM

I am currently going through the sample code for chapter 8 of 'A Guide to Claims-based Identity and Access Control.' I've installed the dependencies, including the certificates, but when the application tries to get SAML from ACS in CustomHeaderMessageInspector an exception is thrown. The response text is

'{"error":"invalid_request","error_description":"ACS50000: There was an error issuing a token. ACS50003: No primary symmetric signing key is configured.  \r\nTrace ID: 6700dbe7-4ce6-471a-851f-690ed5f0a05b\r\nTimestamp: 2013-01-17 11:54:47Z"}'

Any ideas as to what I could try?

Perhaps the symmetric key has expired as this blog post suggests? I did also try using my own ACS account by following the instructions in the Readme but sadly I ran into different problems there.


Jan 18, 2013 at 1:31 PM

I've now sorted access using my own Azure account out. I fixed the problems I was having by doing the following after by completing the instructions in the release notes:

  • skipping over the code in Setup where it tried to delete the Windows Azure AD Identity provider
  • Changing the authentication mode for the Management Service to Password from Symmetric Key
  • Changing the 'acsnamespace' key from 'aorderrest-dev' to my own namespace in the App.Config file of the a-order.OrderTracking.Client.8 project
  • Changing the TrustedIssuers section in the Web.Config of a-order.OrderTracking.Services.8 project to trust my ACS namespace.

There was a little bit more configuration I had to change but that was to do with WCF. If anyone else has any problems with this tutorial then do ask me.