{"id":2485,"date":"2013-10-24T00:44:16","date_gmt":"2013-10-24T07:44:16","guid":{"rendered":"http:\/\/www.cloudidentity.com\/blog\/?p=2485"},"modified":"2013-10-24T00:46:20","modified_gmt":"2013-10-24T07:46:20","slug":"vs2013-rtm-organizational-accounts-and-publishing-to-windows-azure-web-sites","status":"publish","type":"post","link":"https:\/\/www.cloudidentity.com\/blog\/2013\/10\/24\/vs2013-rtm-organizational-accounts-and-publishing-to-windows-azure-web-sites\/","title":{"rendered":"VS2013 RTM, Organizational Accounts and Publishing to Windows Azure Web Sites"},"content":{"rendered":"<p>Ahh joy, after a wait few weeks long I an finally typing on by brand new purple type cover 2, snapped to a shiny new Surface Pro 2! I just *have* to use this guy, and what better mixed workload than writing a blog post? That will exercise Visual Studio, the portal, Live Writer\u2026 it\u2019s a comprehensive workout!<\/p>\n<p>Today I\u2019d like to talk about some features of the new organizational ASP.NET project templates, which might catch you by surprise if you don\u2019t know about it.<\/p>\n<h3>The New Templates Save Validation Settings in a DB<\/h3>\n<p>Here there\u2019s the customary backgrounder. If you don\u2019t care about the theory, you can skip to the last section right away.<\/p>\n<p>As many of you know, the essence of authenticating a call boils down to deciding whether the caller is presenting a valid token with his\/her\/its request. What determines if a token should be considered valid? Well, the usual: some aspects are purely structural (it should be signed and not having been tampered with; should be of the expected format; should be scoped for your app; should not be expired; and so on) while others are expressions of the trust relationship between your application and the authority you are outsourcing your authentication to. In a nutshell, the latters boil down to the following: the incoming token should be signed with the <strong>key <\/strong>that you know belongs to the authority you trust (or the infrastructure the authority uses for minting tokens), and should have an <strong>Issuer <\/strong>value corresponding to it too.<\/p>\n<p>Traditionally, WIF 1.0 and the corresponding classes in .NET 4.5 kept track of those values by saving them in the web.config. I already spoke about some of the limitations the original classes had in terms of <a href=\"https:\/\/www.cloudidentity.com\/blog\/2013\/02\/08\/multitenant-sts-and-token-validation-4\/\">expressive power<\/a> and <a href=\"https:\/\/www.cloudidentity.com\/blog\/2013\/04\/02\/auto-update-of-the-signing-keys-via-metadata\/\">maintaining the settings fresh<\/a>.<br \/>Although for relatively stable scenarios you are fine, there are multiple issues in keeping those in the config if your settings change often and if you have to keep tab of a large number of authorities (if you sell SaaS apps, that\u2019s a good place to be). <br \/>Given that those are scenarios of great interest, the ASP.NET templates use the WIF extensibility endpoints to save the validation coordinates in a database. The process is pretty straightforward, although a bit verbose: you can trace it back by looking of the autogenerated code in the template. Starting from the web.config, the first change is in the &lt;identityConfiguration&gt; element:<\/p>\n<pre class=\"csharpcode\"> <span class=\"kwrd\">&lt;<\/span><span class=\"html\">system.identityModel<\/span><span class=\"kwrd\">&gt;<\/span>\r\n    <span class=\"kwrd\">&lt;<\/span><span class=\"html\">identityConfiguration<\/span><span class=\"kwrd\">&gt;<\/span>\r\n      <font style=\"background-color: #ffff00\"><span class=\"kwrd\">&lt;<\/span><span class=\"html\">issuerNameRegistry<\/span> <span class=\"attr\">type<\/span><span class=\"kwrd\">=\"WebApplication1.Utils.DatabaseIssuerNameRegistry, WebApplication1\"<\/span> <span class=\"kwrd\">\/&gt;<\/span><\/font>\r\n      <span class=\"kwrd\">&lt;<\/span><span class=\"html\">audienceUris<\/span><span class=\"kwrd\">&gt;<\/span>\r\n        <span class=\"kwrd\">&lt;<\/span><span class=\"html\">add<\/span> <span class=\"attr\">value<\/span><span class=\"kwrd\">=\"https:\/\/contoso7.onmicrosoft.com\/WebApplication1\"<\/span> <span class=\"kwrd\">\/&gt;<\/span>\r\n      <span class=\"kwrd\">&lt;\/<\/span><span class=\"html\">audienceUris<\/span><span class=\"kwrd\">&gt;<\/span>\r\n      <span class=\"kwrd\">&lt;<\/span><span class=\"html\">securityTokenHandlers<\/span><span class=\"kwrd\">&gt;<\/span>\r\n        <span class=\"kwrd\">&lt;<\/span><span class=\"html\">add<\/span> <span class=\"attr\">type<\/span><span class=\"kwrd\">=\"System.IdentityModel.Services.Tokens.MachineKeySessionSecurityTokenHandler, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"<\/span> <span class=\"kwrd\">\/&gt;<\/span>\r\n        <span class=\"kwrd\">&lt;<\/span><span class=\"html\">remove<\/span> <span class=\"attr\">type<\/span><span class=\"kwrd\">=\"System.IdentityModel.Tokens.SessionSecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089\"<\/span> <span class=\"kwrd\">\/&gt;<\/span>\r\n      <span class=\"kwrd\">&lt;\/<\/span><span class=\"html\">securityTokenHandlers<\/span><span class=\"kwrd\">&gt;<\/span>\r\n      <span class=\"kwrd\">&lt;<\/span><span class=\"html\">certificateValidation<\/span> <span class=\"attr\">certificateValidationMode<\/span><span class=\"kwrd\">=\"None\"<\/span> <span class=\"kwrd\">\/&gt;<\/span>\r\n    <span class=\"kwrd\">&lt;\/<\/span><span class=\"html\">identityConfiguration<\/span><span class=\"kwrd\">&gt;<\/span>\r\n  <span class=\"kwrd\">&lt;\/<\/span><span class=\"html\">system.identityModel<\/span><span class=\"kwrd\">&gt;<\/span><\/pre>\n<style type=\"text\/css\">.csharpcode, .csharpcode pre\n{\n\tfont-size: small;\n\tcolor: black;\n\tfont-family: consolas, \"Courier New\", courier, monospace;\n\tbackground-color: #ffffff;\n\t\/*white-space: pre;*\/\n}\n.csharpcode pre { margin: 0em; }\n.csharpcode .rem { color: #008000; }\n.csharpcode .kwrd { color: #0000ff; }\n.csharpcode .str { color: #006080; }\n.csharpcode .op { color: #0000c0; }\n.csharpcode .preproc { color: #cc6633; }\n.csharpcode .asp { background-color: #ffff00; }\n.csharpcode .html { color: #800000; }\n.csharpcode .attr { color: #ff0000; }\n.csharpcode .alt \n{\n\tbackground-color: #f4f4f4;\n\twidth: 100%;\n\tmargin: 0em;\n}\n.csharpcode .lnum { color: #606060; }\n<\/style>\n<p>The key line is the one highlighted. There the template specifies that the issuer validation coordinates are handled by a custom class, DatabaseIssuerNameRegistry. Its code is included in the template itself, and in fact it doesn\u2019t do anything especially glamorous, in fact it\u2019s pretty much what you\u2019d find in the custom IssuerNameRegistry <a href=\"http:\/\/msdn.microsoft.com\/en-us\/library\/windowsazure\/dn151789.aspx\">here<\/a>: the main difference is that instead of shoving keys and tenantIDs in an XML file, the template saves it in a DBContext.<\/p>\n<p>That is of course very nice, but it does come with some extra requirements in respect to the web.config-only version: now your app needs to have a database. For many of you this is likely to be an absolute no-brainer, given that chances are that you app already needed a DB for its own purposes: but for some other, who perhaps are just playing with the templates for figuring this identity stuff out, you might simply not have one (yet).<br \/>When you run your app on IIS Express that does not really make any difference, but it does when you deploy to Windows Azure Web Sites. If you publish without providing a DB connection string, on first execution (and assuming you have the custom errors off) you\u2019ll get the following, in all its unedited glory:<\/p>\n<blockquote>\n<h3>Server Error in &#8216;\/&#8217; Application. <\/h3>\n<h3>\n<hr size=\"1\" width=\"100%\">\n<\/h3>\n<h4><i>The system cannot find the file specified<\/i><\/h4>\n<p><b>Description: <\/b>An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. <br \/><b>Exception Details: <\/b>System.ComponentModel.Win32Exception: The system cannot find the file specified<br \/><b>Source Error:<\/b> <\/p>\n<p><code>An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.<\/code> <\/p>\n<p><b>Stack Trace:<\/b> <\/p>\n<p><code><\/p>\n<pre>[Win32Exception (0x80004005): The system cannot find the file specified]\r\n\r\n[SqlException (0x80131904): A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 52 - Unable to locate a Local Database Runtime installation. Verify that SQL Server Express is properly installed and that the Local Database Runtime feature is enabled.)]\r\n   System.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction) +5296071\r\n   System.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose) +558\r\n   System.Data.SqlClient.TdsParser.Connect(ServerInfo serverInfo, SqlInternalConnectionTds connHandler, Boolean ignoreSniOpenTimeout, Int64 timerExpire, Boolean encrypt, Boolean trustServerCert, Boolean integratedSecurity, Boolean withFailover) +5308555\r\n   System.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover) +145\r\n   System.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout) +920\r\n   System.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance) +307\r\n   System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions) +434\r\n   System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions) +225\r\n   System.Data.ProviderBase.DbConnectionFactory.CreatePooledConnection(DbConnectionPool pool, DbConnectionOptions options, DbConnectionPoolKey poolKey, DbConnectionOptions userOptions) +37\r\n   System.Data.ProviderBase.DbConnectionPool.CreateObject(DbConnectionOptions userOptions) +558\r\n   System.Data.ProviderBase.DbConnectionPool.UserCreateRequest(DbConnectionOptions userOptions) +67\r\n   System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, UInt32 waitForMultipleObjectsTimeout, Boolean allowCreate, Boolean onlyOneCheckConnection, DbConnectionOptions userOptions, DbConnectionInternal&amp; connection) +1052\r\n   System.Data.ProviderBase.DbConnectionPool.TryGetConnection(DbConnection owningObject, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal&amp; connection) +78\r\n   System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal&amp; connection) +167\r\n   System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions) +143\r\n   System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry) +83\r\n   System.Data.SqlClient.SqlConnection.Open() +96\r\n   System.Data.Entity.SqlServer.&lt;&gt;c__DisplayClass2f.&lt;UsingConnection&gt;b__2d() +73\r\n   System.Data.Entity.SqlServer.&lt;&gt;c__DisplayClass1.&lt;Execute&gt;b__0() +10\r\n   System.Data.Entity.SqlServer.DefaultSqlExecutionStrategy.Execute(Func`1 operation) +189\r\n   System.Data.Entity.SqlServer.DefaultSqlExecutionStrategy.Execute(Action operation) +78\r\n   System.Data.Entity.SqlServer.SqlProviderServices.UsingConnection(DbConnection sqlConnection, Action`1 act) +229\r\n   System.Data.Entity.SqlServer.SqlProviderServices.UsingMasterConnection(DbConnection sqlConnection, Action`1 act) +376\r\n   System.Data.Entity.SqlServer.SqlProviderServices.GetDbProviderManifestToken(DbConnection connection) +201\r\n   System.Data.Entity.Core.Common.DbProviderServices.GetProviderManifestToken(DbConnection connection) +85\r\n\r\n[ProviderIncompatibleException: The provider did not return a ProviderManifestToken string.]\r\n   System.Data.Entity.Core.Common.DbProviderServices.GetProviderManifestToken(DbConnection connection) +269\r\n   System.Data.Entity.Utilities.DbProviderServicesExtensions.GetProviderManifestTokenChecked(DbProviderServices providerServices, DbConnection connection) +33\r\n\r\n[ProviderIncompatibleException: An error occurred while getting provider information from the database. This can be caused by Entity Framework using an incorrect connection string. Check the inner exceptions for details and ensure that the connection string is correct.]\r\n   System.Data.Entity.Utilities.DbProviderServicesExtensions.GetProviderManifestTokenChecked(DbProviderServices providerServices, DbConnection connection) +193\r\n   System.Data.Entity.Infrastructure.&lt;&gt;c__DisplayClass1.&lt;ResolveManifestToken&gt;b__0(Tuple`3 k) +32\r\n   System.Collections.Concurrent.ConcurrentDictionary`2.GetOrAdd(TKey key, Func`2 valueFactory) +72\r\n   System.Data.Entity.Infrastructure.DefaultManifestTokenResolver.ResolveManifestToken(DbConnection connection) +180\r\n   System.Data.Entity.Utilities.DbConnectionExtensions.GetProviderInfo(DbConnection connection, DbProviderManifest&amp; providerManifest) +56\r\n   System.Data.Entity.DbModelBuilder.Build(DbConnection providerConnection) +43\r\n   System.Data.Entity.Internal.LazyInternalContext.CreateModel(LazyInternalContext internalContext) +62\r\n   System.Data.Entity.Internal.RetryLazy`2.GetValue(TInput input) +123\r\n   System.Data.Entity.Internal.LazyInternalContext.InitializeContext() +611\r\n   System.Data.Entity.Internal.InternalContext.GetEntitySetAndBaseTypeForType(Type entityType) +18\r\n   System.Data.Entity.Internal.Linq.InternalSet`1.Initialize() +53\r\n   System.Data.Entity.Internal.Linq.InternalSet`1.get_InternalContext() +15\r\n   System.Data.Entity.Infrastructure.DbQuery`1.System.Linq.IQueryable.get_Provider() +38\r\n   System.Linq.Queryable.Where(IQueryable`1 source, Expression`1 predicate) +63\r\n   WebApplication1.Utils.DatabaseIssuerNameRegistry.ContainsKey(String thumbprint) +347\r\n   WebApplication1.Utils.DatabaseIssuerNameRegistry.RefreshKeys(String metadataLocation) +89\r\n   WebApplication1.IdentityConfig.RefreshValidationSettings() +31\r\n   WebApplication1.IdentityConfig.ConfigureIdentity() +8\r\n   WebApplication1.MvcApplication.Application_Start() +18\r\n\r\n[HttpException (0x80004005): An error occurred while getting provider information from the database. This can be caused by Entity Framework using an incorrect connection string. Check the inner exceptions for details and ensure that the connection string is correct.]\r\n   System.Web.HttpApplicationFactory.EnsureAppStartCalledForIntegratedMode(HttpContext context, HttpApplication app) +9863473\r\n   System.Web.HttpApplication.RegisterEventSubscriptionsWithIIS(IntPtr appContext, HttpContext context, MethodInfo[] handlers) +118\r\n   System.Web.HttpApplication.InitSpecial(HttpApplicationState state, MethodInfo[] handlers, IntPtr appContext, HttpContext context) +172\r\n   System.Web.HttpApplicationFactory.GetSpecialApplicationInstance(IntPtr appContext, HttpContext context) +336\r\n   System.Web.Hosting.PipelineRuntime.InitializeApplication(IntPtr appContext) +296\r\n\r\n[HttpException (0x80004005): An error occurred while getting provider information from the database. This can be caused by Entity Framework using an incorrect connection string. Check the inner exceptions for details and ensure that the connection string is correct.]\r\n   System.Web.HttpRuntime.FirstRequestInit(HttpContext context) +9877804\r\n   System.Web.HttpRuntime.EnsureFirstRequestInit(HttpContext context) +101\r\n   System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) +254\r\n<\/pre>\n<p><\/code><\/p>\n<hr size=\"1\" width=\"100%\">\n<b>Version Information:<\/b> Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.0.30319.19064 <\/p>\n<p>&nbsp;<\/p>\n<\/blockquote>\n<p>That clearly cannot stand. In the next section I\u2019ll look at one way of making that error go away. Thanks to Dan Roth for the helpful chat about how to do so with the shortest path! <img decoding=\"async\" class=\"wlEmoticon wlEmoticon-smile\" style=\"border-top-style: none; border-bottom-style: none; border-right-style: none; border-left-style: none\" alt=\"Smile\" src=\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2013\/10\/wlEmoticon-smile3.png\"><\/p>\n<h3>Adding a DB to an Existing Windows Azure Web Site and Using It at Publication Time <\/h3>\n<p>The fix for the issue is simple, you need to have a DB in your Web Site and you need to specify it at publication time. Luckily, the Windows Azure portal make adding a DB to an existing Web Site a walk in the park!<\/p>\n<p>Start by navigating to <a href=\"https:\/\/manage.windowsazure.com\">https:\/\/manage.windowsazure.com<\/a>, zero on the Web Sites section and pick the site you want to target. Once there,&nbsp; head to the Linked Resources tab. If you originally set up the site via Quick Create, you\u2019ll see something like the following:<\/p>\n<p><a href=\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2013\/10\/image18.png\"><img loading=\"lazy\" decoding=\"async\" title=\"image\" style=\"border-left-width: 0px; border-right-width: 0px; background-image: none; border-bottom-width: 0px; padding-top: 0px; padding-left: 0px; display: inline; padding-right: 0px; border-top-width: 0px\" border=\"0\" alt=\"image\" src=\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2013\/10\/image_thumb18.png\" width=\"640\" height=\"266\"><\/a><\/p>\n<p>Hit the \u201clink a resource\u201d button.<\/p>\n<p><a href=\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2013\/10\/image19.png\"><img loading=\"lazy\" decoding=\"async\" title=\"image\" style=\"border-left-width: 0px; border-right-width: 0px; background-image: none; border-bottom-width: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; display: inline; padding-right: 0px; border-top-width: 0px\" border=\"0\" alt=\"image\" src=\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2013\/10\/image_thumb19.png\" width=\"640\" height=\"425\"><\/a><\/p>\n<p>Choose \u201cCreate a new resource\u201d.<\/p>\n<p><a href=\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2013\/10\/image20.png\"><img loading=\"lazy\" decoding=\"async\" title=\"image\" style=\"border-left-width: 0px; border-right-width: 0px; background-image: none; border-bottom-width: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; display: inline; padding-right: 0px; border-top-width: 0px\" border=\"0\" alt=\"image\" src=\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2013\/10\/image_thumb20.png\" width=\"640\" height=\"430\"><\/a><\/p>\n<p>Lots of choices there! I\u2019ll pick \u201cSQL Database\u201d.<\/p>\n<p><a href=\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2013\/10\/image21.png\"><img loading=\"lazy\" decoding=\"async\" title=\"image\" style=\"border-left-width: 0px; border-right-width: 0px; background-image: none; border-bottom-width: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; display: inline; padding-right: 0px; border-top-width: 0px\" border=\"0\" alt=\"image\" src=\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2013\/10\/image_thumb21.png\" width=\"640\" height=\"414\"><\/a><\/p>\n<p>In my case, I am happy with the default name\u2026 also, I have an existing server I can latch to, but you can create one on the fly if you don\u2019t (very neat).<\/p>\n<p>Once you are done choosing your options, hit the \u201cdone\u201d button.<\/p>\n<p><a href=\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2013\/10\/image22.png\"><img loading=\"lazy\" decoding=\"async\" title=\"image\" style=\"border-left-width: 0px; border-right-width: 0px; background-image: none; border-bottom-width: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; display: inline; padding-right: 0px; border-top-width: 0px\" border=\"0\" alt=\"image\" src=\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2013\/10\/image_thumb22.png\" width=\"640\" height=\"311\"><\/a><\/p>\n<p>Back on the linked resources screen, you\u2019ll see that you now have your new DB linked to your web site.<\/p>\n<p>Go back to the dashboard. Once here, download the publish profile for your web site (you\u2019ll the link under \u201cquick glance\u201d).<\/p>\n<p>Switch to Visual Studio and start another Publish operation; this time, import the new publish profile. Go to Settings.<\/p>\n<p><a href=\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2013\/10\/image23.png\"><img loading=\"lazy\" decoding=\"async\" title=\"image\" style=\"border-top: 0px; border-right: 0px; background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; border-left: 0px; display: inline; padding-right: 0px\" border=\"0\" alt=\"image\" src=\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2013\/10\/image_thumb23.png\" width=\"627\" height=\"563\"><\/a><\/p>\n<p>As you can see, you now have your newly created\/linked DB available in the Databases section. Select it in the dropdown and hit Publish. Wait for it and\u2026<\/p>\n<p><a href=\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2013\/10\/image24.png\"><img loading=\"lazy\" decoding=\"async\" title=\"image\" style=\"border-top: 0px; border-right: 0px; background-image: none; border-bottom: 0px; padding-top: 0px; padding-left: 0px; margin: 0px; border-left: 0px; display: inline; padding-right: 0px\" border=\"0\" alt=\"image\" src=\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2013\/10\/image_thumb24.png\" width=\"616\" height=\"480\"><\/a><\/p>\n<p>\u2026instead of that nasty error, you get the shiny default bootstrap themed app UI! <img decoding=\"async\" class=\"wlEmoticon wlEmoticon-smile\" style=\"border-top-style: none; border-bottom-style: none; border-right-style: none; border-left-style: none\" alt=\"Smile\" src=\"https:\/\/www.cloudidentity.com\/blog\/wp-content\/uploads\/2013\/10\/wlEmoticon-smile3.png\"><\/p>\n<p>&nbsp;<\/p>\n<p>That\u2019s it. Pretty straightforward, right?<\/p>\n<p>Note, this applies only to the Web UX (MVC\/Web Form) projects when used with Organizational Accounts options in the cloud (Single Organization and Multiple Organizations, cloud). For Single Organization \u2013On Premises the template still sticks with the good ol\u2019ValidatingIssuerNameRegistry.<\/p>\n<p>The use of a DB for validation coordinates is great for multi organization apps (SaaS, multi-tenancy, etc). Personally, I am less convinced about it when it comes to single organization projects (e.g. LOB apps) given that the validation coordinates amount to 2 strings, one of which will change sparingly during the app lifetime; however I fully trust my friends in ASP.NET, who tell me that every app will need a DB anyway hence this is not going to really add any requirement that wasn\u2019t already there. In any case, if you stumble in that hopefully the big verbatim dump with the error text will lure your search engine here to the solution. Let us know how that goes!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Ahh joy, after a wait few weeks long I an finally typing on by brand new purple type cover 2, snapped to a shiny new Surface Pro 2! I just *have* to use this guy, and what better mixed workload than writing a blog post? That will exercise Visual Studio, the portal, Live&#8230;<\/p>\n","protected":false},"author":1,"featured_media":2482,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_kad_post_transparent":"","_kad_post_title":"","_kad_post_layout":"","_kad_post_sidebar_id":"","_kad_post_content_style":"","_kad_post_vertical_padding":"","_kad_post_feature":"","_kad_post_feature_position":"","_kad_post_header":false,"_kad_post_footer":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-2485","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/posts\/2485","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/comments?post=2485"}],"version-history":[{"count":1,"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/posts\/2485\/revisions"}],"predecessor-version":[{"id":2486,"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/posts\/2485\/revisions\/2486"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/media\/2482"}],"wp:attachment":[{"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/media?parent=2485"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/categories?post=2485"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cloudidentity.com\/blog\/wp-json\/wp\/v2\/tags?post=2485"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}