.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Claims Authentication : Access Denied

Posted By:      Posted Date: September 27, 2010    Points: 0   Category :SharePoint

I have a custom SecurityTokenService implemented and the SPTrustedLoginProvider added to my farm.  I've also implemented a custom SPClaimProvider that allows me to use the People Picker to give users permissions on the site.  Everything seems to be working fine up to a point.  When I go to my site and choose the correct login method I am redirected to the STS, login there and then get redirected back to my SharePoint site.  The problem is that I get an access denied error with message 'You are currently signed in as:  <Unique User ID FROM STS>'.  I get this even after adding the associated user as a member of the site.  If I add 'All Users (Custom STS)' as a member of the site I can login just fine.


So, what could be the disconnect between giving a user permissions and then logging in as that user?

View Complete Post

More Related Resource Links

Claims Based Authentication - Access Denied for NTLM - Network Related



We have setup a test SharePoint environment on a single box. If we create a new classic authentication web application using NTLM the site works fine, and recognizes AD users correctly. Users can then login successfully. If we create a new claims based authentication web application using NTLM all users receive an Access Denied error when trying to view the site. The application will recognize AD users when applying permissions in Central Admin's User Policy section, but none of those users are able to access the site.

If I turn on Fiddler Capture, the sites will work fine. Once I turn it off the sites no longer work and we are again presented with an Access Denied exception (or sometimes 403 Forbidden in Firefox and Chrome). I know that Fiddler create a local proxy so I'm curious what that proxy is doing that allows claims based to work correctly.

Has anyone seen this before? Does this sound Firewall/Antivirus related? Client or server?

Thank you,



Changed to claims based authentication, now I can't access my site. Please help! Time is of the ess

I am in a pretty big bind. I have a sharepoint 2010 site, that was using classic windows authentication. It worked fine from the inside, and I was able to extend it to the outside and it was using https with an SSL certificate. However, my performancepoint reports and my external lists weren't working when the site was accessed from the outside. Apparently this is a known issue with using classic authentication on the outside, so I tried to switch over to claims based authentication. I followed this guide: http://blogs.technet.com/b/wbaer/ar...point-2010.aspx I obviously changed the contoso stuff to my domain name, and changed all of the config files. The problem is, now I can't access the site at all from the inside or the outside. Here is the error I get in my logs: code: An exception occurred when trying to issue security token: Could not connect to [url]http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc/actas.[/url] TCP error code 10061: No connection could be made because the target machine actively refused it . My Sharepoint Central Administration site gives me this warning: code: The Security Token Service is not issuing tokens. The service could be malfunctioning or in a bad state. Remedy Administrator should try to restart the Security Token Service on the boxes where it is not issuing tokens. If problem persists, f

Claim Authentication - access denied for central administration sites



I have configured Sharepoint 2010 für claim based form authentication following all steps in technet articel. But after modification of web.config of central administation site, access to adminitration is denied for my windows administator account.

I am not sure that Sharepoint connects to LDAP server correctly. I have not understood the mechanisme Sharepoint connects to LDAP server. No user account/password for authentification Sharepoint server against LDAP server have to be configured!? Is that true or do I have to make additional settings in LDAP server?

Thank you for any hint.


Using windows authentication to access SQL when using ASP.NET 4.0 via COM+


I am using SQL Server 2008 under windows authentication, front end is ASP.NET which uses COM+ to access database.

COM+ components are configured to run as domain user.

When looking through the logs (SQL Profiler), I can see the login name as the configured identity instead of windows indentity.

I have got Website running under "Intergrated Windows Authentication" and database is running locally on webserver.

Web configure contains entry for <identity impersonate="true"/>.

My connection string is

connectionString="data source=db01\test01;initial catalog=test; integrated security=SSPI;persist security info=False; Trusted_Connection=Yes"

Any ideas?




Access to report file denied. Another program may be using it.


Migrated from Windows 2000 ASP.NET 1.1 to Windows 2003, ASP.NET 2.0 and had this error. All the forums/MSDN/Blogs says to give Read/Write Access to C:\Windows\Temp folder. Why should we give Full Access to some folder in Production server?? In windows 2000, ASP.NET 2.0 development machine, no files are created when we run crystal reports from aspx pages. Then why in Windows 2003 servers, we need to give rights to temp folder?? It is a simple code


And the code is not storing anything on the disk. Then why should it store the GUID.rpt file in Temp file in Windows 2003 server?? Any alternative is there not to store anything on the disk when Crystal Reports are opened in aspx page??


"Access is denied. Check that the Default Content Access Account has access to this content"


Our search is not working. The crawl log indicates following error: "Access is denied. Check that the Default Content Access Account has access to this content, or add a crawl rule to crawl this content. (The item was deleted because it was either not found or the crawler was denied access to it.)".


If I check the event viewer, it indicates following error: "Login failed for user 'NT AUTHORITY\NETWORK SERVICE'. [CLIENT: <local machine>]"


My default content access account is another one than this NT AUTHORITY\NETWORK SERVICE account. The content access account password is correct. Apparently this content access account is translated to the NETWORK SERVICE account upon a crawl. And this network service account doesn't has the appropriate rights on database level. How can I fix this?


Access Denied with SPControlMode.New and RunWithElevatedPriviliges


I am trying to add MultipleLookupField to a webpart I am developing. It works fine as long as the user has Add permission on the list it points to: here is the code:

private MultipleLookupField _multiplelookupKeywords = new MultipleLookupField();
protected override void CreateChildControls()
Guid guidSite = SPContext.Current.Site.ID;
Guid guidWeb = SPContext.Current.Web.ID;
    using (SPSite site = new SPSite(guidSite))
        using (SPWeb web = site.OpenWeb(guidWeb))
  SPList listTest;   
  listTest = web.Lists[ListName]; 
  _multiplelookupKeywords.ListId = listTest.ID;
                _multiplelookupKeywords.ControlMode = SPControlMode.New; //Changing this to SPControlMode.Display works fine
                _multiplelookupKeywords.RenderContext = SPContext.GetContext(web);

Asp.Net upload file access denied



I have the problem below, if anyone can help me, appreciate it.

Server Error in '/' Application.

Access to the path 'c:\Inetpub\EnewsAttFiles\employ-e-header2.jpg' is denied.

Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.

Exception Details: System.UnauthorizedAccessException: Access to the path 'c:\Inetpub\EnewsAttFiles\employ-e-header2.jpg' is denied.

ASP.NET is not authorized to access the requested resource. Consider granting access rights to the resource to the ASP.NET request identity. ASP.NET has a base process identity (typically {MACHINE}\ASPNET on IIS 5 or Network Service on IIS 6) that is used if the application is not impersonating. If the application is impersonating via <identity impersonate="true"/>, the identity will be the anonymous user (typically IUSR_MACHINENAME) or the authenticated request user.

To grant ASP.NET access to a file, right-click the file in Explorer, choose "Properties" and select the Security tab. Click "Add" to add the appropriate user or group. Hig

Access denied to folder in ASP.NET project either though I have granted all users full permissions !



i have made a very simple file upload app, that i want users to be able to upload images to a folder on my server, well localhost for the time being Stick out tongue

here is the simple upload code...

        protected void ButtonRegisterDetails_Click(object sender, EventArgs e) 
            // display properties of the uploaded file 

Access Denied error


I have read several posts where this access denied to path ex.('c:\test' ).  The only way I got this to work was adding <identity impersonate> using my credentials in the web.config file but I don't want to use my credentials all the time.  I have Windows as the authentication mode so why doesn't it work without supplying my credentials?  I tried giving Network Service account write permissions to the folder but that doesn't work either.

FileUpload Access Denied


Hi all.

I have done much research on this and am still stumped.

I have a ASP.NET 2.0 application, running on Windows 2003 Server. IIS 6.0

I am using Windows authentication , and I am not using impersonization, and I set my trust levvel to full.

<authentication mode="Windows"/>

<identity impersonate="false"/>

<trust level="Full

Sharepoint site client access denied


I have an sharepoint application which was working fine.

I encountered a license expired message in sql server enterprise evaluation 2008 version after which i changed the date to 2 months earlier date, I have also changed HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\100\ConfigurationState to 3 after which sql server started working but the issue is that the clients are unable to access the sharepoint site completely. On providing the url the web site requests for logon information and then access is denied. The same url with the same authentication credentials is accessible from the server and the entire application works fine from the server. 

From the  client the below error page appears.

You are not authorized to view this page

You do not have permission to view this directory or page using the credentials that you supplied.

Please try the following:

  • Contact the Web site administrator if you believe you should be able to view this directory or page.
  • Click the Refresh button to try again with different credentials.

HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials.
Internet Information Services (IIS)


Sharepoint "Access denied"


I'm stuck on the sharepoint access problem now.


We are using Manged Sharepoint 2007 (a hosted version of Microsoft® Windows SharePoint Services 2007) provided by a hosting company.

With the sharepoint site, some of users can not access the site. Message:

Access denied.

You do not have permission to perform this action or access this resource


It does not offer any logon prompt.


Users who can not access the sharepoint site are usually sitting in a LAN. I think it might be blocked by their policy. Am I right? Why do they need to block this site?


Please help me with this question.

SharePoint 2007 Expiration Policy Not working : Access denied for the site


I have a SharePoint 2007 List with Expiration Enabled in Information and Policy Management. I have a datatime column ExpiryDate which i used in Expiration. On Expiration I have chose to delete the item. Through Central Admin I run the expiration by clicking "Process Expired Items now" button. I got the following error in the Windows event viewer.

Expiration Service for site http://md-rmanimaran failed.

Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))

EventID: 5016

Category: Information Policy Management 

Where I need to specify the login details to get rid of this error? Anybody Please help..




access denied Scriptresource.axd

HiMy web site does not seem to work and showing this error.I am using an ajax control toolkit update panel. When I click anything which is in the in the update panel I have the following error."access denied Scriptresource.axd" .But only in IE. With crome it works fine.I tried to google it but didn't get any concrete answer.any help??

Access to path xxx denied when uploading a file using c#

Hi I have a file upload app written in c#. The app runs on IIS on a Windows 2003 Server OS. I want the app to upload the file onto the server (The app and the server are on the same machine). This code has been working fine for a long time running on Windows Server 2000, and Windows XP Professional. Now when I moved onto Windows Server 2003, it stopped working. I have given ASPNET account full access to the folder on the server, and it still gives this error. Is this a bug in 2003, and can anybody assist me? Thanks Shane

SQL Server doesn't exist or access denied while connecting with Access 2010 ODBC

Hello all. I am using Access 2010 and SQL Server 2008 (locally). I can easily connect to server using SSMS and it works excellent. But when I want to import a table to Access 2010 using ODBC, it says that "SQL Server doesn't exist or access denied". It worked previously - almost 3 days ago, but now, it doesn't! Please help! Thanks Mohammad Javahery
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend