Hi,
I am currently upgrading a SharePoint 2016 site to SharePoint 2019, onto a different server. The site uses Form-Based Authentication for external access. I've configured the Membership and see that the new user registration works. (New user name successfully added to the membership database tables.) However, after successful registration, I still cannot log on. The issue is traced to the code below, when it tries to get the token by calling SPSecurityContext.SecurityTokenForFormsAuthentication.
private SecurityToken GetSecurityToken(string username, string password)
{
SecurityToken token = null;
using (SPSite site = new SPSite(SPContext.Current.Web.Url))
{
SPIisSettings iisSettings = site.WebApplication.IisSettings[SPUrlZone.Extranet];
Uri appliesTo = new Uri(SPContext.Current.Web.Url);
if (string.IsNullOrEmpty(username) ||
string.IsNullOrEmpty(password))
return null;
SPFormsAuthenticationProvider authProvider = iisSettings.FormsClaimsAuthenticationProvider;
token = SPSecurityContext.SecurityTokenForFormsAuthentication( appliesTo, authProvider.MembershipProvider, authProvider.RoleProvider, username, password, SPFormsAuthenticationOption.None);
}
return token;
}
Error Message: (not very helpful to me):
{"The server was unable to process the request due to an internal error. For more information about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from the <serviceDebug> configuration behavior) on the server in order to send the exception information back to the client, or turn on tracing as per the Microsoft .NET Framework SDK documentation and inspect the server trace logs."}
Stack Trace:
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.ReadResponse(Message response)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst)
at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo, SPRequestSecurityTokenProperties properties)
at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForFormsAuthentication(Uri context, String membershipProviderName, String roleProviderName, String username, String password, SPFormsAuthenticationOption options, Nullable`1 shouldGenerateCookie, Nullable`1 sessionAttributes, Nullable`1 sessionAttributesToUpdate, String sharingSessionId, Nullable`1 lastAttestationTime, Nullable`1 nextCAPolicyCheckTime, Nullable`1 extendedCAPolicyCheckTime)
at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForFormsAuthentication(Uri context, String membershipProviderName, String roleProviderName, String username, String password, SPFormsAuthenticationOption options, Nullable`1 shouldGenerateCookie)
at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForFormsAuthentication(Uri context, String membershipProviderName, String roleProviderName, String username, String password, SPFormsAuthenticationOption options)
I've checked that all parameters passed to the function look correct.
Questions I have now:
Could there be something I missed in IIS configuration?
Where exactly can/should I turn on IncludeExceptionDetailInFaults? If it's in a web.config file, which site's web.config file should I modify?
I tried to turn on tracing in the SharePoint site's web.config file, following the steps in this video https://www.youtube.com/watch?v=fXSjwBgRrto. But I don't see the log files appearing. Have I edited the wrong web.config file?
Any help is so much appreciated!
