Skip to main content

How to deal with SharePoint 2010 exception "An exception occurred when trying to issue security token: The server was unable to process the request due to an internal error"


Scenario:


You receive the below exception when you try to logon to a site that has been configured to use Claims Based Authentication with a custom membership provider using FBA credentials:

Event ID from Event Log  - 8306

An exception occurred when trying to issue security token: The server was unable to process the request due to an internal error.  For more information about the error, either turn on IncludeExceptionDetailInFaults (either from ServiceBehaviorAttribute or from the <serviceDebug> configuration behavior) on the server in order to send the exception information back to the client, or turn on tracing as per the Microsoft .NET Framework 3.0 SDK documentation and inspect the server trace logs..

Explanation:

This error started to appear in our QA environment which does not have Visual Studio installed. I have tried starting the service "Claims to Windows Token Service" but that did not help either.

I have made sure that all configuration changes required for FBA have been made properly in the below web.config files:
  • Web Applications
  • CA Web Aplication
  • \14\WebServices\SecurityToken
This post can get you started with building a custom membership provider and making changes to the required configuration files.

Error
Resolution:
To view more information about the actual error that is preventing the secure token service from being able to issue security token, I added the service debug in the web.config for the web service, under \14\WebServices\SecurityToken:
<serviceDebug includeExceptionDetailInFaults="True" httpHelpPageEnabled="True"/>
After adding the above to SecurityToken's web.config, the event log reported the below:
ServiceDebug
An exception occurred when trying to issue security token: The configuration section for Logging cannot be found in the configuration source..

I then realized that it is Microsoft.Practices.EnterpriseLibrary.Logging from my custom membership code that is causing the issues and not FBA configuration as I originally thought.

I then went ahead and added the required configuration for Microsoft.Practices.EnterpriseLibrary.Logging
Everything after that worked as desired. So I strongly advice everyone not to panic and take such drastic steps as re-installing SharePoint 2010 etc.. When I googled for this error, many people suggested to reinstall SharePoint 2010, change server names, etc.. Remember that these things happen for a reason. It just requires some patience to figure out the exact problem.
Labels:

Comments

Post a Comment

Popular posts from this blog

SharePoint SPFX components basic details and understanding

Microsoft developed SharePoint, a web-based platform that enables businesses and organisations to share and manage documents and information. The SharePoint Framework (SPFx) is a set of client-side tools and components that can be used to construct unique solutions on top of SharePoint. The creation of a SharePoint SPFx component will be covered in this blog. Let's address specific requirements before creating a SharePoint SPFx component. Install the necessary software on your computer: Version 10 or later of Node.js SharePoint Framework (SPFx) generator using Git Now that all the prerequisites have been deployed, let's start developing the SharePoint SPFx component. Start by making a new SPFx project. Making a new SPFx application is the initial step. Launch the command prompt and execute the following commands  yo @microsoft/sharepoint The Yeoman generator for the SharePoint Framework will be started using this command. You will be prompted to enter details about your project...
Post a Comment
Read more

Custom Form Base Login Web Part With Sharepoint 2010

In my  Last Post , I talked about creating a Form based authentication web application with Active Directory LDAP. After implementing that you have surely noticed that, when you try to sign in after creating a site collection from FBA web application, you get the following sign in page: Surely, it does not look pretty at all. So, you might want to change this default login page. In order to do this, first let us create an empty SharePoint project in Visual Studio 2010. After that, add an application page by right click-selecting “Add New Item” and you will get like the following window in Solution Explorer: Notice that, when you add any application page to your project, Visual Studio automatically creates a Layouts  folder. To keep things simple enough for your understanding, you may keep your application page under a folder where you might name it as same as your project like the figure above. Now, add a reference for  Microsoft.SharePoint.IdentityModel...
2 comments
Read more