Vault/Dragnet integrated authentication problem

This forum is now locked, since gold support is no longer offered.

Moderator: SourceGear

Locked
djMax
Posts: 32
Joined: Wed Dec 01, 2004 1:05 pm
Location: Boston, MA

Vault/Dragnet integrated authentication problem

Post by djMax » Wed Dec 01, 2004 1:06 pm

I'm seeing this in the dragnet logs:

Vault authorization for user max failed. Couldn't connect to object.
CryptoAPI cryptographic service provider (CSP) for this implementation could not be acquired.

(And can't login)

jclausius
Posts: 3702
Joined: Tue Dec 16, 2003 1:17 pm
Location: SourceGear
Contact:

Post by jclausius » Wed Dec 01, 2004 2:23 pm

Can you post the full log entry? Also, what is the server platform? OS, Service Pack, Memory, etc.
Jeff Clausius
SourceGear

djMax
Posts: 32
Joined: Wed Dec 01, 2004 1:05 pm
Location: Boston, MA

Post by djMax » Wed Dec 01, 2004 3:35 pm

I'm afraid that is the whole log entry...

jclausius
Posts: 3702
Joined: Tue Dec 16, 2003 1:17 pm
Location: SourceGear
Contact:

Post by jclausius » Wed Dec 01, 2004 3:41 pm

What about platform info? Also, is there anything in the Windows Event viewer ( application or system event logs ) related to .Net or ASP.Net?
Jeff Clausius
SourceGear

djMax
Posts: 32
Joined: Wed Dec 01, 2004 1:05 pm
Location: Boston, MA

Post by djMax » Wed Dec 01, 2004 5:57 pm

It's Windows Server 2003 (SBS). I just went to winupdate and it seems I don't have .Net 1.1 SP1. Let me install that and see if that fixes it.

djMax
Posts: 32
Joined: Wed Dec 01, 2004 1:05 pm
Location: Boston, MA

Post by djMax » Wed Dec 01, 2004 6:33 pm

Nope, installed SP1, same problem. Turned the debug level up to "debug", but still nothing too useful other than:

Vault authorization for user max failed. Couldn't connect to object.
CryptoAPI cryptographic service provider (CSP) for this implementation could not be acquired.
2004-12-01 19:26:28.984 sbsrv (192.168.113.1)- : Helpers::Login - strLogin=max, strPassword=<not_displayed>, strSessionID=k<deletedbyme>c

2004-12-01 19:27:18.484 sbsrv (192.168.113.1)- : Helpers::DeleteSession - SessionID=k<deletedbyme>c

djMax
Posts: 32
Joined: Wed Dec 01, 2004 1:05 pm
Location: Boston, MA

Post by djMax » Wed Dec 01, 2004 7:09 pm

might this have something to do with a file called BF.dll, which I assume implements BlowFish, which I cannot find on my disk anywhere but is referenced from your code?

djMax
Posts: 32
Joined: Wed Dec 01, 2004 1:05 pm
Location: Boston, MA

Post by djMax » Wed Dec 01, 2004 7:23 pm

I think that is only used for SOS, so disregard... But perhaps this might lead to something?

http://support.microsoft.com/default.as ... us;Q322371

djMax
Posts: 32
Joined: Wed Dec 01, 2004 1:05 pm
Location: Boston, MA

Post by djMax » Wed Dec 01, 2004 7:27 pm

Yeah, I think that was the problem... Is there a reason you're not using the Machine Keyset in the code?

I logged into the machine interactively as the Vault user once, and now it works.

jclausius
Posts: 3702
Joined: Tue Dec 16, 2003 1:17 pm
Location: SourceGear
Contact:

Post by jclausius » Wed Dec 01, 2004 10:06 pm

What type of authentication are you using for your users? Vault Auth or Mantis Auth?
Jeff Clausius
SourceGear

djMax
Posts: 32
Joined: Wed Dec 01, 2004 1:05 pm
Location: Boston, MA

Post by djMax » Thu Dec 02, 2004 9:10 am

Vault auth.

And it seemed to work for a while after I logged the "impersonated" user for vault in, but not for long.

This is almost definitely a keyset problem, my guess is in SGAuth.EncryptPassword (and potentially elsewhere). I think the RSAParameters need to have "use machine keyset" set.

jclausius
Posts: 3702
Joined: Tue Dec 16, 2003 1:17 pm
Location: SourceGear
Contact:

Post by jclausius » Thu Dec 02, 2004 2:00 pm

We're looking at the issue, and hope to have a resolution shortly.
Jeff Clausius
SourceGear

djMax
Posts: 32
Joined: Wed Dec 01, 2004 1:05 pm
Location: Boston, MA

Post by djMax » Thu Dec 02, 2004 9:01 pm

Ok, thanks. Pressure is off for me, I switched Vault and Dragnet to Windows auth and forced SSL for everything, so we're good to go now.

jeremy_sg
Posts: 1821
Joined: Thu Dec 18, 2003 11:39 am
Location: Sourcegear
Contact:

Post by jeremy_sg » Fri Dec 03, 2004 6:45 am

We've fixed this issue, and it will be resolved in 3.0.1. Thanks for your help djMax.

djMax
Posts: 32
Joined: Wed Dec 01, 2004 1:05 pm
Location: Boston, MA

Post by djMax » Fri Dec 03, 2004 10:40 am

My pleasure, "Reflector" is a very cool program. :)

Locked