PassportIdentity.Error

Article
06/29/2006

PassportIdentity.Error

Gets a value indicating the error state associated with the current Microsoft® .NET Passport Ticket. A property that checks the .NET Passport Ticket or query string for any errors that have been set by the .NET Passport domain authority upon direct user-network communication.

Syntax

public int Error [get]

Property value

A 32-bit signed integer indicating the current error state. Returns any network error code associated with this request. Possible values are as listed in Remarks.

Example

The following C# example gets the error and displays the property value as well as the meaning of the value. Any error can be simulated for purposes of this example by adding an "f=" parameter to the query string of the page. This is how Passport Manager itself receives the errors from network servers.

<%@ Page Language="C#"%>
<HTML>
<HEAD><TITLE>Mysample - Exercise - CS</TITLE></HEAD>
<Script language="C#" runat="server">
 PassportIdentity oMgr;
 int Errorval;

 protected void Page_Load(Object src, EventArgs e) {
  oMgr = (PassportIdentity)User.Identity;
 }
</Script>

<%Response.Write ("Here is the error number.");
Errorval = oMgr.Error ;
Response.Write ("<br>Error # = " + Errorval);

if (Errorval >=0) {
 switch (Errorval) {
  case 0:
   Response.Write (" No Error.");
   break;
  case 1:
   goto case 9;
.
.
.
  case 10:
   Response.Write (" This .NET Passport is associated with Kids Passport. Your site does not support Kids Passport.");
   break;
  case 11:
   Response.Write (" User clicked cancel.");
   break;
  case 12:
   Response.Write (" Site is not SSL.");
   break;
  default:
   Response.Write (" Oops! Unrecognized error message.");
   break;
  } //End Switch
} // End If
%>
</HEAD>
</HTML>

An authenticated user, with no errors, will provide an output similar to the following:

Here is the error number.
Error # = 0 No Error.

Remarks

A read-only property. A .NET Passport network error code is an integer value that is set by other servers in the .NET Passport network (for example, an Update or Login server) and is used to identify errors or problem conditions after the user reaches a participating site. Reading the Error property determines whether a user's request contains a .NET Passport error on the query string or in the .NET Passport Ticket cookie. An Error property equal to zero means that there are no error codes present.

Possible error codes and their meanings are listed in the following table:

Name VT_I4 value Description

BAD_REQUEST 1 The domain database received a partial request, the Site ID did not match, and so on.

OFFLINE 2 The domain database is offline and cannot handle requests.

TIMEOUT 3 The request to the domain database timed out.

LOCKED 4 The user's account is locked, the user is not signed in, or both.

NO_PROFILE 5 Not used.

DISASTER 6 The network server is not able to check the user database. If this error is received, your site should consider switching to stand-alone mode. The Login server has determined that some (although not all) of the network servers responsible for performing the steps of the authentication checks are currently down, and the Login server timed out trying to reach them. If F=6, the user will never be authenticated and no valid t and p will be on the query string.

INVALID_KEY 7 The Ticket or Profile cookie was encrypted using an invalid key and cannot be decrypted.

SVC_NOT_CONFIGURED 8 An error occurred during parsing or processing the participating site's XML site configuration data on the network side.

(no internal resource name) 9 An uncategorized or unhandled exception.

KPPNONKIDSITE 10 Site specified a value for KPP other than KPP=0 in a call to the Login server but was not configured to use Microsoft Kids Passport. Sites must contact their .NET Passport sales representative to make arrangements to use the Kids Passport service.

USER_CANCELLED 11 The presence of an f= parameter on the ru query string indicates an error that must be handled by the participating site. The general guidelines that apply are:

The ru must not redirect back to .NET Passport for another authentication. Redirecting back to the Login server will cause an infinite loop.

The ru may inspect the value of f= to identify which error occurred. If this value is known, the participating site may choose to display special messaging for the error. This messaging should be specific to the task the user was trying to accomplish.

If the participating site does not know the value of f, the site should display a generic error message indicating that an error occurred during .NET Passport sign-in.

This error must be caught on the participating sites ru. Failure to do so will put the user in an infinite loop.

NOT_OVER_SSL 12 When using SecLvl 10 or 100, the ru must point to a site using Secure Sockets Layer (SSL).

Share via

PassportIdentity.Error

PassportIdentity.Error

Additional resources

Name	VT_I4 value	Description
BAD_REQUEST	1	The domain database received a partial request, the Site ID did not match, and so on.
OFFLINE	2	The domain database is offline and cannot handle requests.
TIMEOUT	3	The request to the domain database timed out.
LOCKED	4	The user's account is locked, the user is not signed in, or both.
NO_PROFILE	5	Not used.
DISASTER	6	The network server is not able to check the user database. If this error is received, your site should consider switching to stand-alone mode. The Login server has determined that some (although not all) of the network servers responsible for performing the steps of the authentication checks are currently down, and the Login server timed out trying to reach them. If F=6, the user will never be authenticated and no valid t and p will be on the query string.
INVALID_KEY	7	The Ticket or Profile cookie was encrypted using an invalid key and cannot be decrypted.
SVC_NOT_CONFIGURED	8	An error occurred during parsing or processing the participating site's XML site configuration data on the network side.
(no internal resource name)	9	An uncategorized or unhandled exception.
KPPNONKIDSITE	10	Site specified a value for KPP other than KPP=0 in a call to the Login server but was not configured to use Microsoft Kids Passport. Sites must contact their .NET Passport sales representative to make arrangements to use the Kids Passport service.
USER_CANCELLED	11	The presence of an f= parameter on the ru query string indicates an error that must be handled by the participating site. The general guidelines that apply are: The ru must not redirect back to .NET Passport for another authentication. Redirecting back to the Login server will cause an infinite loop. The ru may inspect the value of f= to identify which error occurred. If this value is known, the participating site may choose to display special messaging for the error. This messaging should be specific to the task the user was trying to accomplish. If the participating site does not know the value of f, the site should display a generic error message indicating that an error occurred during .NET Passport sign-in. This error must be caught on the participating sites ru. Failure to do so will put the user in an infinite loop.
NOT_OVER_SSL	12	When using SecLvl 10 or 100, the ru must point to a site using Secure Sockets Layer (SSL).