Unhandled exception after applying security update KB2416473

January 09, 2012

Unhandled exception after applying security update KB2416473

Note: This known issue was fixed in 6.2 rev. 101105 (Update-5), 6.3 rev. 101022 (Update-3), and 6.4 rev. 101124 (Update-1).

Reference number: 334587

Publishing Date: Oct 01, 2010

After installing an update from Microsoft that addresses the ASP.NET security issue described in Microsoft Security Advisory (2416728), Sitecore CMS may be throwing unhandled “HttpException: Unable to validate data” errors when previously authenticated users are trying to access the application.

This is caused by Sitecore CMS trying to authenticate a user using the ASP.NET authentication cookies that may still be contained in the web browser, but are no longer considered valid by ASP.NET.

Workaround:

Copy the Sitecore.Support.334587.dll file to the "/bin" folder of your solution.
In the web.config file, replace the line
<add name="forms" type="Sitecore.Security.Authentication.FormsAuthenticationProvider, Sitecore.Kernel" />

with
<add name="forms" type="Sitecore.Support.Security.Authentication.FormsAuthenticationProvider, Sitecore.Support.334587"/>

Search This Blog

My learning experiences...

Unhandled exception after applying security update KB2416473

Comments

Post a Comment

Popular Posts

no segments* file found in Sitecore.Data.Indexing.FSDirectory@D:\Inetpub\wwwroot\Website\indexes\master\custom:

SQLServer: Something about "UNION", "INTERSECT" and "EXCEPT"