I was deploying a web application and I encountered a scenario where the application was not running after deploying. When I made little tweak to the value of 'audienceUri' element, it worked fine.
The 'tweak' that I made was that I changed all characters to small letters. That's it, nothing else. And it worked. I tried changing it back to the original (including few capital letters) and again it failed. When I switched all characters to small letters, it worked again.
So my question here is, does the value of an 'audienceUri' in the system.identityModel element in web.config HAVE to be in all small letters?
I had a directory inside a website named "Web" but when I gave the value as "http://site.domain.com/Web " (With a capital 'W' for Web), it failed. When I changed the value to all small letters, it worked! So does it have to be in all small letters? If so, can someone explain the reason (if any) for that?
Thanks.
The audienceUri value in and of itself does not have a case restriction, as I understand it. However, if you have other references to this value the references need to match. For example, if I have a passive authentication situation with ws-federation I may have the below configuration:
<system.identityModel.services>
<federationConfiguration>
<wsFederation ...other attributes... realm="http:// yoursitehere" ...other attributes... />
</federationConfiguration>
</system.identityModel.services>
This realm value would need to match the associated audienceUri value. So both could read yoursitehere, or YOURSITEHERE, or any other combination, however the associated values need to match. In this case if the values did not match the resulting error would be:
ID1038: The AudienceRestrictionCondition was not valid because the specified Audience is not present in AudienceUris.
Audience: 'http:// yoursitehere' (showing the value from my realm attribute in the wsFederation node)
Hope That Helps.
