IdentityModel Exceptions
This topic lists all exceptions generated by IdentityModel.
Exception List
| Resource Code | Current String |
|---|---|
ValueMustBeOf2Types |
The value of this argument must be one of these two types. |
SAMLSubjectNameIdentifierRequiresNameValue |
The 'Name' specified for a SamlNameIdentifier cannot be null or of length 0. |
TraceCodeIssuanceTokenProviderEndSecurityNegotiation |
The IssuanceTokenProvider has completed the security negotiation. |
TraceCodeSecurityNewServerSessionKeyIssued |
A new security session key was issued by the server. |
SAMLAttributeMissingNameAttributeOnRead |
The 'Name' for the SamlAttribute being read is missing or is of length 0. |
UnknownICryptoType |
The ICrypto implementation is not supported. |
TraceCodeSecurityTokenProviderClosed |
Security Token Provider was closed. |
SAMLUnableToLoadAdvice |
Failed to load the <saml:advice> element. |
SAMLAuthenticationStatementMissingAuthenticationMethodOnRead |
The 'AuthenticationMethod' attribute being read for a SamlAuthenticationStatement is missing or of length 0. |
UnsupportedTransformAlgorithm |
Unsupported transform or canonicalization algorithm. |
SAMLAudienceRestrictionShouldHaveOneAudience |
A SamlAudienceRestrictionCondition must contain at least one Audience (URI). |
SAMLEvidenceShouldHaveOneAssertion |
SamlEvidence must reference at least one SamlAssertion either by Id or reference. |
SAMLAudienceRestrictionInvalidAudienceValueOnRead |
The SamlAudienceRestrictionCondition being read is missing a value in the 'Audience' element. |
X509ChainBuildFail |
The specific X.509 certificate chain building failed. The certificate that was used has a trust chain that cannot be verified. Replace the certificate or change the certificateValidationMode. |
XDCannotFindValueInDictionaryString |
The specific value id not found in the dictionary string. |
TraceCodeImportSecurityChannelBindingEntry |
Starting Security ImportChannelBinding. |
PrivateKeyExchangeNotSupported |
The private key does not support the exchange KeySpec. |
TokenProviderUnableToGetToken |
The specific token provider was unable to provide a security token. |
SAMLEntityCannotBeNullOrEmpty |
The specific SamlAssertion entity cannot be null or empty. |
SAMLAssertionRequireOneStatement |
A SamlAssertion requires at least one statement. Ensure that you have added at least one SamlStatement to the SamlAssertion you are creating. |
AESInvalidInputBlockSize |
The input size must be a multiple of specific bytes. |
AESCryptAcquireContextFailed |
Failed to acquire the CSP context. |
SAMLAssertionRequireOneStatementOnRead |
The SamlAssertion being read did not contain any SamlStatement. A SamlAssertion must contain at least one SamlStatement. |
TraceCodeSecuritySessionClosedFaultReceived |
The client security session received a session closed fault from the server. |
TraceCodeIssuanceTokenProviderRedirectApplied |
IssuanceTokenProvider applied a redirection header. |
TraceCodeSecuritySessionClosedFaultSendFailure |
A failure occurred when sending a security session closed fault to the client. |
ValueMustBeZero |
The value of this argument must be 0. |
SAMLUnableToResolveSignatureKey |
Unable to resolve SecurityKeyIdentifier found in the SamlAssertion signature. The SamlAssertion signature cannot be validated for the specific Issuer. |
X509IsNotInTrustedStore |
The specific X.509 certificate is not in the trusted people store. |
SAMLElementNotRecognized |
The specific element is not supported. |
SAMLAuthorizationDecisionStatementMissingResourceAttributeOnRead |
The 'Resource' attribute for the SamlAuthorizationDecisionStatement being read is missing or of length 0. |
SamlTokenMissingSignature |
The SamlAssertion is not signed. SamlAssertions can be signed by setting the SigningCredentials. |
ExpectedElementMissing |
The expected element with the specific namespace is missing. |
NoKeyIdentifierClauseFound |
No clause of the specific type was found in the SecurityKeyIdentifier. |
MissingPrivateKey |
The private key is not present in the X.509 certificate. |
UnexpectedEOFFromReader |
Unexpected EOF from XML reader. |
UnsupportedKeyDerivationAlgorithm |
The specific key derivation algorithm is not supported. |
TokenDoesNotSupportKeyIdentifierClauseCreation |
The specific token does not support the specific key identifier clause creation. |
LastMessageNumberExceeded |
A violation of sequence number protocol has been detected. |
SymmetricKeyLengthTooShort |
The length of the symmetric key specified is too short. |
SAMLAuthorityBindingMissingAuthorityKindOnRead |
The SamlAuthorityBinding being read was found to contain an 'AuthorityKind' that was missing or of length 0. This is not allowed. |
XmlTokenBufferIsEmpty |
XmlTokenBuffer is empty. |
InvalidXmlQualifiedName |
An Xml qualified name was expected, but an invalid name was found. |
SAMLAuthorityKindMissingName |
The XmlQualifiedName that represents the 'AuthorityKind' in the SamlAuthorityBinding cannot be null or of length 0. |
AESCryptEncryptFailed |
Failed to encrypt the specific data. |
AuthorizationContextCreated |
Authorization Context with the specific id is created. |
SamlSerializerUnableToReadSecurityKeyIdentifier |
The SamlSerializer does not contain a SecurityTokenSerializer capable of reading the SecurityKeyIdentifier. If you are using a custom SecurityKeyIdentifier, you must provide a custom SecurityTokenSerializer. |
TraceCodeIssuanceTokenProviderServiceTokenCacheFull |
IssuanceTokenProvider reduced the service token cache. |
TraceCodeSecurityTokenProviderOpened |
Security Token Provider was opened. |
PublicKeyNotRSA |
The public key is not an RSA key. |
InvalidReaderState |
The specific state is invalid for the supplied input reader. |
UnableToResolveReferenceUriForSignature |
Unable to resolve the specific URI in the signature to compute the digest. |
EmptyBase64Attribute |
An empty value was found for the required base64 attribute name and namespace. |
SAMLSubjectRequiresConfirmationMethodWhenConfirmationDataOrKeyInfoIsSpecified |
The SAML SubjectConfirmation requires a Confirmation method when the Confirmation Data or KeyInfo is specified. |
SAMLAudienceRestrictionShouldHaveOneAudienceOnRead |
The SamlAudienceRestrictionCondition being read must contain at least one 'Audience' value. None were found. |
TokenProviderUnableToRenewToken |
The specific token provider was unable to renew the security token. |
AESIVLengthNotSupported |
The specific bits IV is not supported. Only 128 bits IV is supported. |
SAMLAuthorityBindingMissingAuthorityKind |
A SamlAuthorityBinding must contain an 'AuthorityKind' that is not null. |
TraceCodeSecuritySessionDemuxFailure |
The incoming message is not part of an existing security session. |
TokenRenewalNotSupported |
The specific token provider does not support token renewal. |
AtLeastOneReferenceRequired |
At least one reference is required in a signature. |
SAMLSignatureAlreadyRead |
The signature is already read in the SAML assertion. |
AlgorithmAndPrivateKeyMisMatch |
The algorithm specified and the private key do not match. |
EmptyTransformChainNotSupported |
The empty transform chain is not supported. |
SspiWrapperEncryptDecryptAssert1 |
SSPIWrapper::EncryptDecryptHelper|'offset' is out of range. |
SspiWrapperEncryptDecryptAssert2 |
SSPIWrapper::EncryptDecryptHelper|'size' is out of range. SecurityTokenManagerCannotCreateAuthenticatorForRequirement=The security token manager cannot create a token authenticator for the specific requirement. |
UnableToCreateKeyedHashAlgorithm |
Unable to create a KeyedHashAlgorithm from the specific value for the specific signature algorithm. |
SAMLUnableToLoadAssertion |
The <saml:assertion> element failed to load. |
X509FindValueMismatchMulti |
The specific X509FindType requires the type of the argument findValue to be one of the 2 values. The argument findValue is of another type. |
TraceCodeSecurityIdentityDeterminationSuccess |
Identity was determined for an EndpointAddress. |
UndefinedUseOfPrefixAtElement |
The specific prefix that is used at the element has no namespace defined. |
TraceCodeSecuritySessionResponderOperationFailure |
Security session operation failed at the server. |
CannotFindCert |
Unable to find the X.509 certificate using the specific search criteria: StoreName , StoreLocation, FindType, FindValue. |
X509InvalidUsageTime |
The specific X.509 certificate usage time is invalid. The usage time does not fall between the required NotBefore time and NotAfter time. |
TraceCodeSecurityIdentityDeterminationFailure |
Identity cannot be determined for an EndpointAddress. |
AsyncObjectAlreadyEnded |
The End method has already been called on this asynchronous result object. |
ExternalDictionaryDoesNotContainAllRequiredStrings |
The external dictionary does not contain definitions for all the required strings. The specific string is not available in the remote dictionary. |
TraceCodeSecuritySessionKeyRenewalFaultReceived |
The client security session received a key renewal fault from the server. |
SAMLActionNameRequired |
The string that represents the SamlAction cannot be null or of length 0. |
SignatureVerificationFailed |
The signature verification failed. |
TraceCodeSecurityContextTokenCacheFull |
The SecurityContextSecurityToken cache is full. |
SAMLAssertionMissingMajorVersionAttributeOnRead |
The MajorVersion for the SamlAssertion being read is missing or is of length 0. |
SamlAttributeClaimRightShouldBePossessProperty |
This SamlAttribute constructor requires that the Right of the Claim have the value System.IdentityModel.Claims.Rights.PossessProperty. |
AuthorizationPolicyEvaluated |
Policy with the specific id is evaluated. |
SAMLUnableToLoadCondtions |
The <saml:conditions> element failed to load. |
AESKeyLengthNotSupported |
The specific bits key is not supported. Only 128, 192 and 256 bits key is supported. |
UserNameCannotBeEmpty |
The username cannot be empty. |
AlgorithmAndPublicKeyMisMatch |
The algorithm specified and the public key do not match. |
SAMLUnableToLoadCondtion |
The <saml:conditions> element failed to load. |
SamlAssertionMissingSigningCredentials |
SigningCredentials have not been set on the SamlAssertion. SamlAssertions must be signed, please set a valid SigningCredentials on the SamlAssertion to proceed. |
SspiPayloadNotEncrypted |
The binary data was not encrypted with the SSPI security context. |
SAMLAuthorizationDecisionShouldHaveOneActionOnRead |
The SamlAuthorizationDecisionStatement that is being read does not contain any SamlAction. |
TraceCodeSecurityBindingSecureOutgoingMessageFailure |
The security protocol cannot secure the outgoing message. |
UndefinedUseOfPrefixAtAttribute |
The specific prefix used at the specific attribute has no namespace defined. |
NoInputIsSetForCanonicalization |
No input is set for writing canonicalized output. |
TraceCodeSecurityPendingServerSessionAdded |
A pending security session is added to the server. |
AsyncCallbackException |
An AsyncCallback threw an exception. |
PrivateKeyNotRSA |
The private key is not a RSA key. |
TraceCodeSecurityClientSessionKeyRenewed |
The client security session renewed the session key. |
SAMLAuthorizationDecisionStatementMissingDecisionAttributeOnRead |
The 'Decision' for the SamlAuthorizationDecisionStatement being read is missing or of length 0. |
SAMLAttributeNameAttributeRequired |
The 'Name' specified for a SamlAttribute cannot be null or of length 0. |
SamlSerializerRequiresExternalSerializers |
The SamlSerializer requires a SecurityTokenSerializer to serialize the SecurityKeyIdentifier present in the token. |
UnableToResolveKeyReference |
The token resolver is unable to resolve the specific security key reference. |
UnsupportedKeyWrapAlgorithm |
The specific key wrap algorithm is not supported. |
SAMLAssertionMissingIssuerAttributeOnRead |
The 'Issuer' for the SamlAssertion being read is missing or is of length 0. |
TraceCodeIssuanceTokenProviderUsingCachedToken |
The IssuanceTokenProvider used the cached service token. |
AESCryptGetKeyParamFailed |
Failed to get the specific key parameter. |
InvalidNamespaceForEmptyPrefix |
The namespace is invalid for the empty prefix. |
AESCipherModeNotSupported |
The specific cipher mode is not supported. Only CBC is supported. |
ArgumentCannotBeEmptyString |
The argument must be a non-empty string. |
SAMLAssertionMissingMinorVersionAttributeOnRead |
The MinorVersion for the SamlAssertion being read is missing or is of length 0. |
SpecifiedStringNotAvailableInDictionary |
The specified string is not an entry in the current dictionary. |
KerberosApReqInvalidOrOutOfMemory |
The AP-REQ is invalid or the system does not have enough memory. |
FailLogonUser |
The LogonUser failed for the specified user. Ensure that the user has a valid Windows account. |
ValueMustBeNonNegative |
The value of this argument must be non-negative. |
X509ValidationFail |
The specified X.509 certificate validation failed. |
TraceCodeSecuritySessionRequestorOperationSuccess |
The security session operation completed successfully at the client. |
SAMLActionNameRequiredOnRead |
The string that is read for the SamlAction is missing or is of length 0. |
KerberosMultilegsNotSupported |
Identity is specified as UPN. Authenticating a service running under a user account requires Kerberos multi-legs, which is unsupported. |
SAMLAssertionIdRequired |
The 'assertionId' for a SamlAssertion cannot be null or empty. |
InvalidOperationForWriterState |
The specified operation is invalid in the specified XmlWriter state. |
CannotValidateSecurityTokenType |
The specified security token authenticator cannot validate a token of the specified type. |
X509FindValueMismatch |
The specified X509FindType requires the type of the argument findValue to be the specified value. The argument findValue is of another type. |
TraceCodeSecurityClientSessionCloseSent |
A Close message was sent by the client security session. |
SuiteDoesNotAcceptAlgorithm |
The specified algorithm is not accepted for the specified operation by the specified algorithm suite |
TraceCodeSecuritySessionRequestorOperationFailure |
The client security session operation failed. |
SAMLUnableToLoadStatement |
Failed to load a SamlStatement. |
InnerReaderMustBeAtElement |
The inner reader must be at the element. |
UnableToCreateTokenReference |
Unable to create a security token reference. |
TraceCodeSecurityBindingIncomingMessageVerified |
The security protocol verified the incoming message. |
ObjectIsReadOnly |
The object is read-only. |
TraceCodeSecurityClientSessionPreviousKeyDiscarded |
The client security session discarded the previous session key. |
SAMLTokenTimeInvalid |
The SamlToken is not time valid. The current time is outside the Effective and Expiration time of the token. |
TraceCodeSecurityIdentityVerificationSuccess |
Identity verification succeeded. |
SigningTokenHasNoKeys |
The specified signing token has no keys. |
TraceCodeSecurityIdentityVerificationFailure |
Identity verification failed. |
AESCryptImportKeyFailed |
Failed to import the key material. |
FailInitializeSecurityContext |
InitializeSecurityContent failed. Ensure the service principal name is correct. |
TraceCodeStreamSecurityUpgradeAccepted |
The stream security upgrade was accepted successfully. |
SAMLAuthorityBindingRequiresLocation |
The 'Location' attribute that is specified on the SamlAuthorityBinding cannot be null or of length 0. |
PublicKeyNotDSA |
The public key is not a DSA key. |
ImpersonationLevelNotSupported |
The authentication modes using Kerberos do not support the specified impersonation level. Specify a valid identification or impersonation level. |
RequiredTargetNotSigned |
The element with the specified id is required to be signed, but was not. |
SAMLAuthenticationStatementMissingAuthenticationInstanceOnRead |
The 'AuthenticationInstant' attribute being read for a SamlAuthenticationStatement is missing or of length 0. |
SAMLEvidenceShouldHaveOneAssertionOnRead |
The SamlEvidence being read did not contain either a reference to or an embedded SamlAssertion. |
LengthOfArrayToConvertMustGreaterThanZero |
The length of the array to convert to an integer must be greater than 0. |
InvalidAsyncResult |
Invalid AsyncResult. |
TraceCodeIssuanceTokenProviderRemovedCachedToken |
The IssuanceTokenProvider removed the expired service token. |
IncorrectUserNameFormat |
The username is in an invalid format. The username format must be in the form of "username' or 'domain\\username'. |
TraceCodeExportSecurityChannelBindingEntry |
Starting Security ExportChannelBinding. |
UnsupportedInputTypeForTransform |
The specified input type is not supported for the transform. |
CannotFindDocumentRoot |
Cannot find the root of the document. |
XmlBufferQuotaExceeded |
The size necessary to buffer the XML content exceeded the buffer quota. |
TraceCodeSecuritySessionClosedResponseSendFailure |
A failure occurred when sending a security session Close response to the client. |
UnableToResolveReferenceInSamlSignature |
Unable to resolve the specified reference in the SAML signature with AssertionID. |
SAMLSubjectRequiresNameIdentifierOrConfirmationMethod |
A SamlSubject requires that a 'NameIdentifier' or 'ConfirmationMethod' be specified. Both were missing. |
SAMLAttributeMissingNamespaceAttributeOnRead |
The 'Namespace' for the SamlAttribute being read is missing or of length 0. |
SAMLSubjectConfirmationClauseMissingConfirmationMethodOnRead |
A 'ConfirmationMethod' cannot be found on the SamlSubjectConfirmation being read. |
SecurityTokenRequirementHasInvalidTypeForProperty |
The token requirement has an unexpected type for the specified property. The expected property type is of another value. |
TraceCodeNegotiationTokenProviderAttached |
NegotiationTokenProvider was attached. |
TraceCodeSpnegoClientNegotiationCompleted |
SpnegoTokenProvider completed SSPI negotiation. |
SAMLUnableToLoadUnknownElement |
The selected SamlSerializer is unable to deserialize this element. Please register a custom SamlSerializer to deserialize custom elements. |
CreateSequenceRefused |
The create sequence request has been refused by the RM Destination. |
TraceCodeSecuritySessionRedirectApplied |
The client security session was redirected. |
SecurityTokenRequirementDoesNotContainProperty |
The token requirement does not contain the specified property. |
SAMLAttributeValueCannotBeNull |
One of the attributeValues found in the SamlAttribute was found to be a null value. Ensure that lists are not null when creating the SamlAttribute. |
ValueMustBeGreaterThanZero |
The value of this argument must be greater than 0. |
TraceCodeNegotiationAuthenticatorAttached |
NegotiationTokenAuthenticator was attached. |
ValueMustBePositive |
|
SAMLAuthorizationDecisionShouldHaveOneAction |
A SamlAuthorizationDecisionStatement must have at least one SamlAction. |
TraceCodeSecurityTokenAuthenticatorClosed |
Security Token Authenticator was closed. |
TraceCodeSecurityAuditWrittenSuccess |
The security audit log is written successfully. |
PrivateKeyNotDSA |
The private key is not a DSA key. |
MessageNumberRollover |
The maximum sequence number for this sequence has been exceeded. |
AESPaddingModeNotSupported |
The specified padding mode is not supported. Only PKCS7 and ISO10126 is supported. |
SAMLSubjectRequiresNameIdentifierOrConfirmationMethodOnRead |
The required 'NameIdentifier' and the 'ConfirmationMethod' elements are not found for the SamlSubject being read. |
TraceCodeSecurityAuditWrittenFailure |
A failure occurred while writing to the security audit log. |
UnsupportedCryptoAlgorithm |
The specified crypto algorithm is not supported in this context. |
SigningTokenHasNoKeysSupportingTheAlgorithmSuite |
The signing token has no key that supports the specified algorithm suite. |
SAMLNameIdentifierMissingIdentifierValueOnRead |
The 'Identifier' string for the SamlNameIdentifier being read is missing. |
SAMLSubjectStatementRequiresSubject |
The SAML Subject Statement requires a SAML subject to be specified. |
TraceCodeSslClientCertMissing |
The remote SSL client failed to provide a required certificate. |
SAMLTokenVersionNotSupported |
The specified major version and minor version are not supported. |
TraceCodeConfigurationIsReadOnly |
The configuration is read-only. |
TraceCodeSecuritySessionRenewFaultSendFailure |
A failure occurred when sending a renewal fault on the security session key to the client. |
TraceCodeSecurityInactiveSessionFaulted |
An inactive security session was faulted by the server. |
SAMLUnableToLoadAttribute |
Failed to load a SamlAttribute. |
Psha1KeyLengthInvalid |
The specified PSHA1 key length is invalid. |
KeyIdentifierCannotCreateKey |
This SecurityKeyIdentifier does not have any clause that can create a key. |
X509IsInUntrustedStore |
The specified X.509 certificate is in an untrusted certificate store. |
UnexpectedXmlChildNode |
The specified XML child node of specified type is unexpected for the specified element. |
TokenDoesNotMeetKeySizeRequirements |
The key size requirements for the specified algorithm suite are not met by the specified token. |
TraceCodeSecuritySessionRequestorStartOperation |
A security session operation was started at the client. |
InvalidHexString |
Invalid hexadecimal string format. |
SamlAttributeClaimResourceShouldBeAString |
This SamlAttribute constructor requires that the resource of the claim is of type 'string'. |
SamlSigningTokenNotFound |
The SamlAssertion is signed but the token that signed the SamlAssertion cannot be found. Ensure that the SecurityTokenResolver contains the token that signed the SamlAssertion. |
TraceCodeSecuritySpnToSidMappingFailure |
The ServicePrincipalName could not be mapped to a SecurityIdentifier. |
UnableToCreateSignatureFormatterFromAsymmetricCrypto |
Unable to create a signature formatter for the specified algorithm from the specified asymmetric crypto. |
TraceCodeSecurityServerSessionClosedFaultSent |
The server security session sent a session closed fault to the client. |
UnableToFindPrefix |
Unable to find the prefix for the specified visibly used prefix at the specified element. |
TraceCodeSecurityTokenAuthenticatorOpened |
Security Token Authenticator was opened. |
RequiredAttributeMissing |
The specified attribute is required on the specified element. |
LocalIdCannotBeEmpty |
The localId cannot be empty. Specify a valid 'localId'. |
ValueMustBeInRange |
The value of this argument must fall within the specified range. |
TraceCodeIssuanceTokenProviderBeginSecurityNegotiation |
IssuanceTokenProvider started a new security negotiation. |
InvalidNtMapping |
The specified X.509 certificate cannot be mapped to a Windows account. The UPN subject alternate name is required. |
AESCryptSetKeyParamFailed |
Failed to set the specified key parameter. |
TraceCodeSecuritySessionClosedResponseReceived |
The client security session received a closed response from the server. |
UnableToCreateSignatureDeformatterFromAsymmetricCrypto |
Unable to create a signature deformatter for the specified algorithm from the specified asymmetric crypto. |
TraceCodeIdentityModelAsyncCallbackThrewException |
An asynchronous callback threw an exception. |
LengthMustBeGreaterThanZero |
The length of this argument must be greater than 0. |
FoundMultipleCerts |
Found multiple X.509 certificates using the specified search criteria: StoreName, StoreLocation, FindType, FindValue. Provide a more specific find value. |
AtLeastOneTransformRequired |
The Transforms element must contain at least one transform. |
SAMLTokenNotSerialized |
The SamlAssertion could not be serialized to XML. Please see inner exception for details. |
TraceCodeSecurityBindingOutgoingMessageSecured |
The security protocol secured the outgoing message. |
KeyIdentifierClauseDoesNotSupportKeyCreation |
This SecurityKeyIdentifierClause does not support key creation. |
UnableToResolveTokenReference |
The token resolver is unable to resolve the specified token reference. |
UnsupportedEncryptionAlgorithm |
The specified encryption algorithm is not supported. |
SamlSerializerUnableToWriteSecurityKeyIdentifier |
The SamlSerializer does not contain a SecurityTokenSerializer capable of serializing the given SecurityKeyIdentifier. If you are using a custom SecurityKeyIdentifier, you must provide a custom SecurityTokenSerializer. |
SAMLAttributeShouldHaveOneValue |
No attribute values were found. A SamlAttribute attribute must have at least one attribute value. |
TraceCodeSecurityBindingVerifyIncomingMessageFailure |
Security protocol cannot verify the incoming message. |
SamlSigningTokenMissing |
The SamlAssertion passed to the SamlSecurityTokenAuthenticator does not contain a signing token. |
NoPrivateKeyAvailable |
No private key is available. |
ValueMustBeOne |
The value of this argument must be 1. |
TraceCodeSecurityPendingServerSessionRemoved |
A pending security session was made active by the server. |
TraceCodeImportSecurityChannelBindingExit |
Finished Security ImportChannelBinding. |
X509CertStoreLocationNotValid |
The StoreLocation must be either LocalMachine or CurrentUser. |
SettingdMayBeModifiedOnlyWhenTheWriterIsInStartState |
The writer settings may be modified only when the writer is in the Start state. |
ArgumentInvalidCertificate |
The certificate is invalid. |
DigestVerificationFailedForReference |
Digest verification failed for the specified Reference. |
SAMLAuthorityBindingRequiresBinding |
The 'Binding' attribute specified on the SamlAuthorityBinding cannot be null or of length 0. |
AESInsufficientOutputBuffer |
The output buffer must be greater than the specified bytes. |
SAMLAuthorityBindingMissingBindingOnRead |
The 'Binding' attribute for the SamlAuthorityBinding being read is missing or of length 0. |
SAMLAuthorityBindingInvalidAuthorityKind |
The SamlAuthorityBinding being read has an invalid AuthorityKind. The format of the AuthorityKind must be a QName. |
ProvidedNetworkCredentialsForKerberosHasInvalidUserName |
The NetworkCredentials provided for the Kerberos Token does not have a valid UserName. |
SSPIPackageNotSupported |
The specified SSPI package is not supported. |
TokenCancellationNotSupported |
The specified token provider does not support token cancellation. |
UnboundPrefixInQName |
An unbound prefix is used in the specified qualified name. |
SAMLAuthorizationDecisionResourceRequired |
The 'resource' specified to the SamlAuthorizationDecisionStatement cannot be null or of length 0. |
TraceCodeSecurityNegotiationProcessingFailure |
Service security negotiation processing failure. |
SAMLAssertionIssuerRequired |
The 'Issuer' specified for a SamlAssertion cannot be null or empty. |
UnableToCreateHashAlgorithmFromAsymmetricCrypto |
Unable to create a HashAlgorithm for the specified algorithm from the specified asymmetric crypto. |
SamlUnableToExtractSubjectKey |
The SecurityKeyIdentifier that was found in the SamlSubject cannot be resolved to a SecurityToken. The SecurityTokenResolver must contain a SecurityToken that the SecurityKeyIdentifier resolves to. |
ChildNodeTypeMissing |
The specified XML element does not have a child of the specified type. |
TraceCodeSecurityPendingServerSessionClosed |
The pending security session was closed by the server. |
TraceCodeSecuritySessionCloseResponseSent |
The server security session sent a Close response to the client. |
TraceCodeSecurityIdentityHostNameNormalizationFailure |
The HostName portion of an endpoint address cannot be normalized. |
FailAcceptSecurityContext |
The AcceptSecurityContext failed. |
EmptyXmlElementError |
The specified element cannot be empty. |
PrefixNotDefinedForNamespace |
A prefix for the specified namespace is not defined in this context and cannot be declared. |
SAMLAuthorizationDecisionHasMoreThanOneEvidence |
The SamlAuthorizationDecisionStatement being read was found to contain more than one Evidence. This is not allowed. |
SamlTokenAuthenticatorCanOnlyProcessSamlTokens |
The SamlSecurityTokenAuthenticator can only process SamlSecurityTokens. The specified SecurityTokenType was received . |
SAMLAttributeStatementMissingAttributeOnRead |
The SamlAttributeStatement being read does not contain any 'SamlAttribute' elements. This is not allowed. |
CouldNotFindNamespaceForPrefix |
Cannot look up the namespace for the specified prefix. |
TraceCodeExportSecurityChannelBindingExit |
Finished Security ExportChannelBinding. |
AESCryptDecryptFailed |
Failed to decrypt the specified data. |
SAMLAttributeNamespaceAttributeRequired |
The 'Namespace' specified for a SamlAttribute cannot be null or of length 0. |
TraceCodeSpnegoServiceNegotiationCompleted |
SpnegoTokenAuthenticator completed SSPI negotiation. |
TraceCodeSecurityServerSessionRenewalFaultSent |
The server security session sent a key renewal fault to the client. |
AlgorithmMismatchForTransform |
A mismatch occurred on the algorithm for the transform. |
UserNameAuthenticationFailed |
Authentication of a username/password using the specified mechanism failed. User is not authenticated. |
SamlInvalidSigningToken |
The SamlAssertion has been signed with a token that was not validated according to the protocol. If you are using X.509 certificates, examine your validation semantics. |
TraceCodeSecurityServerSessionKeyUpdated |
The security session key was updated by the server. |
TraceCodeSecurityServerSessionCloseReceived |
The server security session received a Close message from the client. |
SAMLAuthenticationStatementMissingSubject |
The SamlAuthenticationStatement is missing the required SamlSubjectStatement. |
UnexpectedEndOfFile |
Unexpected end of file. |
UnsupportedAlgorithmForCryptoOperation |
The specified algorithm is not supported for the specified operation. |
XmlLangAttributeMissing |
The required xml:lang attribute is missing. |
TraceCodeSecurityImpersonationSuccess |
Security Impersonation succeeded at the server. |
SAMLAuthorityBindingMissingLocationOnRead |
The 'Location' attribute for the SamlAuthorityBinding being read is missing or of length 0. |
SAMLAttributeStatementMissingSubjectOnRead |
The 'SamlSubject' element for the SamlAttributeStatement is missing. |
SAMLAuthorizationDecisionStatementMissingSubjectOnRead |
The 'SamlSubject' element for SamlAuthorizationDecisionStatement being read is missing. |
SAMLBadSchema |
While reading a SamlAssertion this specified element was found not to comply with the schema. |
SAMLAssertionIDIsInvalid |
The specified 'assertionId' for a SamlAssertion must start with a letter or '_'. |
TraceCodeSecurityActiveServerSessionRemoved |
An active security session was removed by the server. |
UnableToCreateKeyedHashAlgorithmFromSymmetricCrypto |
Unable to create a keyedHashAlgorithm for the specified algorithm from the specified symmetric crypto. |
SAMLAuthenticationStatementMissingAuthenticationMethod |
The 'AuthenticationMethod' specified for a SamlAuthenticationStatement cannot be null or of length 0. |
TraceCodeSecurityImpersonationFailure |
Security impersonation failed at the server. |
Default |
(Default) |
UnsupportedNodeTypeInReader |
The specified node type with the specified name is not supported. |