.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

not able to login to Claims based auth. sweb apps in sharepoint 2010

Posted By:      Posted Date: October 07, 2010    Points: 0   Category :SharePoint

Hi till yesterday I was able to login to claim based web apps in my sharepoint 2010 server. but today they are giving below mentioned error! even though classic mode auth web apps are running fine.

Nor it allow to activate /deactivate any fature to a site collection under claims based web app with same error in event log:

Please help.

error message in event viewer:


Log Name:      Application
Source:        Microsoft-SharePoint Products-SharePoint Foundation
Date:          10/8/2010 1:30:59 PM
Event ID:      8311
Task Category: Topology
Level:         Error
User:          SHAREPOINT2010\administrator
Computer:      sharepoint2k8.sharepoint2010.com
An operation failed because the following certificate has validation errors:\n\nSubject Name: CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US\nIssuer Name: CN=SharePoint Root Authority, OU=SharePoint, O=Microsoft, C=US\nThumbprint: 85F230FF68A8107A14667844D6741A6C2199C60E\n\nErrors:\n\n UntrustedRoot: A certificate chain processed

View Complete Post

More Related Resource Links

SharePoint 2010 Claims Based Authentication - anonymous site is prompting for CBA auth when opening

Hi, I have CBA setup successfully on my sites.  One site is setup for anonymous access and I have disabled "client integration" on that web application. I have a list of MS Office documents on a wiki.  When I click on one I am asked to either save or open or cancel.  Saving works fine but when I choose open, it launches the associated MS Office app.  I am then prompted for a login from CBA.  I can click cancel and the logon screen appears again.  After clicking cancel the 2nd time the document appears in the MS Office app, Word in this case. My question is how do I prevent my users from being prompted for a CBA login when clicking on these files and opening them in the native app on their machine?      --TR

Video: Introduction to Claims-based Security in SharePoint 2010

Learn how claims-based identity provides a common way for applications to acquire identity information from users inside their organization, in other organizations, and on the Internet. (Length: 23:46)

Claims Tips: Learning About Claims-Based Authentication in SharePoint 2010

Use these five tips for guidance in solving problems related to using and configuring claims.

Claims Walkthrough: Creating Trusted Login Providers (SAML Sign-in) for SharePoint 2010

Learn how to create a custom security token service (STS) and set up a trust relationship between a SharePoint 2010 farm and the custom STS

AutoLogin for authenticated user via LiveID in Sharepoint 2010 (Claims Based Authentication)

Hi,     Im working in integrating LiveID authentication in my Sharepoint site. Live id gives back a token of the user with which i created a dummy profile using MembershipProvider.CreateUser. Now i have to auto login the user with the profile i created, i mean i have to force login to my sharepoint site using the created dummy user details without asking the user to give username n password.Any suggestion will be a great help for me to proceed.   Thanks Saravanan Michael

SharePoint 2010 Claims Based Authenticaton site working but search is broken

Hi, I have SP 2010 sucessfully installed on a Windows 2008 R2 server with SQL Server 2008 R2.  I created local machine accounts for the following: MACHINE\mssqlservice MACHINE\sp_admin MACHINE\sp_search MACHINE\sp_farms I have setup 2 sites with public facing internet access as well as local sites. I have CBA working properly on both sites from both public and private access. My problem is that when I go to search, I am constantly redirected to an error page. I have checked all SP services on the server and they are all running as MACHINE\mssqlservice That account has proper access to all sites as well as all DB's. My search is crawling and I get one error from a long named PDF file in my site, which is OK.   My questions is if my CBA is working fine and my search is crawling, why I am not getting a results page when I search from the sites:   Here is the error I get:   Error Internal server error exception:   Troubleshoot issues with Microsoft SharePoint Foundation. Correlation ID: 5a03b730-42c2-48c9-a220-3b9d052481de Date and Time: 9/9/2010 4:45:07 PM   I am kind of stuck at this point and am not sure how to proceed.  Any help would be appreciated.        --TR

Cannot Login with Forms Based Authentication to SharePoint 2010 - Issue with the SecurityTokenServic

Please be advised I have followed the steps on http://donalconlon.wordpress.com/2010/02/23/configuring-forms-base-authentication-for-sharepoint-2010-using-iis7/. I have tried to fix the following issue for a week using different farms and SharePoint 2010 installations, however I am getting the following error when trying to authenticate using Forms Based into a Claims site: Cannot get Membership Provider with name FBARoleProvider The membership provider for this process was not properly configured. You must configure the membership provider in the .config file for every SharePoint process. 1. I am certain the membership provider is configured in the SecurityTokenServiceApplication webservice as I can manage users and roles in IIS7 using the SecurityTokenServiceApplication website. 2. I am certain that membership provider is configured in the both the Claims Web Application and Central Admin as I can manage users and roles in IIS7 using their websites. 3. I know the issue is the SecurityTokenServiceApplication service as I had to set <serviceDebug includeExceptionDetailInFaults="true" /> to get the error above. 4. I can log into the Claims Based Application using windows authentication, however I am unable to see the users on the people picker despite that I can see them from the application's site on IIS

Problem with Sharepoint 2010 - Claims Auth - Windows Auth and FBA. consistent redirects back to "cho


We have sharepoint 2010 foundation site that we can successfully login with via IE, Firefox, Chrome both on the domain and externally with Claims Authentication with only Windows Auth type selected (NTLM).

Once we add FBA and use the default signin page, we can still login (we select Windows Auth from the dropdown) BUT it only works on the domain. When we try to access externally, the only browser that works is FireFox. Both Chrome and IE just constantly redirect back to the Choose Authentication dropdown screen.

We have tried for the last 2 days to sort this out. Has anyone else experience this? It looks like the default sign in page somehow doesn't set the cookie for IE and Chrome and just bounces us back to the sign in page...

Thanks for any info...

To clarify, we are not even using the FBA yet. We are trying to login only with the windows auth and domain accounts...

Accessing SharePoint 2010 with WinRM on Claims-based web application


I am trying to connect to sharepoint remotely using powershell. Things work okay when connecting to a windows authentication web application. But when i try connecting to a claims based web application, i get access denied messages. I seem to get access to the SPWeb, but when i try to access properties on the web, it errors. I think CredSSP is setup correctly (as the windows web application works). The username i am using is in the format domain\username, not sure if the claims based format needs something different i:0#.w|domain\username

$username = ""
$password = ""
$ip = "192."
$siteurl = "http://"

$creds = New-Object System.Management.Automation.PSCredential $username, (ConvertTo-

Claims Tips 3: Learning About Claims-Based Authentication in SharePoint 2010

Learn five tips that are related to claims-based authentication in SharePoint 2010, including information about packaging, retrieving REST data, adding policy, managing trusted root authorities, and resolving logon page issues.

Claims Walkthrough: Creating Claims Providers for Trusted Login Providers for SharePoint 2010

Learn how to create a claims provider for a trusted login provider, which is an external security token service (STS) that SharePoint trusts.

Claims-Based Apps: Claims-Based Authorization with WIF


Over the past few years, federated security models and claims-based access control have become increasingly popular. Platform tools in this area have also come a long way. Windows Identity Foundation (WIF) is a rich identity model framework designed for building claims-based applications and services and for supporting active and passive federated security scenarios.

Michele Leroux Bustamante

MSDN Magazine November 2009

Walkthrough: Writing a Claims Provider in SharePoint 2010

By using claims authentication, you can assign rights based on claims without knowing who a user is, or how they are authenticated. You have to know only the attributes of the user.

Sample: SharePoint 2010 Claims Provider

Download a code sample that shows how to write a claims provider in SharePoint 2010 to augment claims and provide name resolution.

Sample: SharePoint Claims-Based Authentication

Explore the code as you learn how to create a custom security token service (STS) and set up a trust relationship between a SharePoint 2010 farm and the custom STS.

SharePoint 2010 AD FS 2.0 Integration - login works then fails, looping back to the adfs server

Hello, I setup SharePoint 2010 Claims auth with AD FS 2.0 following this post: http://blogs.technet.com/b/speschka/archive/2010/07/30/configuring-sharepoint-2010-and-adfs-v2-end-to-end.aspx.  I have no access to the ADFS server, but I think they followed the steps as outlined.  If I do an iisreset (or just recycle the app pool of the SharePoint site) I can login successfully using the remote credentials.  Also I can under security in SharePoint search for and find users and roles from the remote ADFS server. If I close my browser, open a new browser and go to the site I am prompted to login again (this is fine).  I do, using the same credentials, and the login fails because I am redirected between the SP and ADFS servers until the ADFS server stops the redirecting.  I have been doing some digging and I found this post: http://blogs.technet.com/b/speschka/archive/2010/08/09/setting-the-login-token-expiration-correctly-for-sharepoint-2010-saml-claims-users.aspx, which describes the situation I have in point # 3 at the bottom.  I have tried setting the token time out as low as 1 second but this hasn't helped. I have also, just to see, tried setting all the other lifetime settings to 1 second - but no luck.  Because the initial login works I think the setup is correct, but something is maintaining some state that is causing the loop

Cannot login to Sharepoint 2010 central admin

Hi Guys, I am relatively new to MOSS and have started investigating the product. I had MOSS 2010 fully funtioning in a test environment and had an issue with authentication. Each time a user accessed the site for the time, they would be prompted for a username and password. I then came across an article that indicated i should enable Kerberos authentication in Central Admin. I did this but once the configuration completed i could no longer access Central admin. The normal site sites are available and functioning. What could the issue be? thank you,
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend