The error ‘The revocation function was unable to check revocation because the revocation server was offline.’ is raised when an application is trying to check if the provided certificate is valid but it is unable to connect to the revocation server. The usual cause is that the server is fire-walled and cannot connect out to… Read More »
I recently implemented a centralized security token cache and observed that although the user signs-out and the session cookie is removed from the browser the session token was never removed from the SecurityTokenCache. This is something I would never have observed if I did not implement this cache.
The authentication schemes configured on the host (‘IntegratedWindowsAuthentication’) do not allow those configured on the binding ‘WS2007HttpBinding’ (‘Anonymous’). Please ensure that the SecurityMode is set to Transport or TransportCredentialOnly. Additionally, this may be resolved by changing the authentication schemes for this application through the IIS management tool, through the ServiceHost.Authentication.AuthenticationSchemes property, in the application configuration… Read More »