Tuesday, June 5, 2012

An exception occurred when trying to issue security token: The security token username and password could not be validated. + FBA SharePoint 2010

This error can have several causes.

Main reason: the service account has not been added to your FBA database.

IIS > Application Pools > SharePoint Central Administration v4 > Advanced Settings

Under Process Model > Identity you can see the service account.
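
The grant described in the first cause, as an added T-SQL example that is not part of the original post. The database name `aspnetdb` and the account `CONTOSO\svc-sp-apppool` are assumptions; replace them with your FBA database and the identity shown in the application pool's advanced settings.

```sql
-- Added example, not from the original post.
-- Assumptions: FBA database = aspnetdb (created with aspnet_regsql),
-- app pool identity = CONTOSO\svc-sp-apppool (hypothetical account name).

USE [master];
-- Create the Windows login only if it does not exist yet.
IF NOT EXISTS (SELECT 1 FROM sys.server_principals
               WHERE name = N'CONTOSO\svc-sp-apppool')
    CREATE LOGIN [CONTOSO\svc-sp-apppool] FROM WINDOWS;
GO

USE [aspnetdb];
-- Map the login to a user inside the FBA database.
IF NOT EXISTS (SELECT 1 FROM sys.database_principals
               WHERE name = N'CONTOSO\svc-sp-apppool')
    CREATE USER [CONTOSO\svc-sp-apppool] FOR LOGIN [CONTOSO\svc-sp-apppool];
GO

-- Least privilege: use the roles aspnet_regsql creates instead of db_owner.
-- BasicAccess covers ValidateUser / GetUser and IsUserInRole / GetRolesForUser,
-- which is what token issuance needs.
EXEC sp_addrolemember N'aspnet_Membership_BasicAccess', N'CONTOSO\svc-sp-apppool';
EXEC sp_addrolemember N'aspnet_Roles_BasicAccess',      N'CONTOSO\svc-sp-apppool';
-- Accounts that also search users (FindUsersByName, GetAllUsers) need
-- aspnet_Membership_ReportingAccess and aspnet_Roles_ReportingAccess as well.
GO

-- Verify: list every database role the account now holds.
SELECT r.name AS role_name, m.name AS member_name
FROM sys.database_role_members AS drm
JOIN sys.database_principals AS r ON r.principal_id = drm.role_principal_id
JOIN sys.database_principals AS m ON m.principal_id = drm.member_principal_id
WHERE m.name = N'CONTOSO\svc-sp-apppool';
```

Run it in SSMS or sqlcmd (the `GO` separators are client-side) once per identity that has to reach the FBA database.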



2nd reason: check the web.config file of the Security Token Service web service; it needs to include the code below.
Go to IIS Manager > SharePoint Web Services\SecurityTokenServiceApplication

Or

C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\WebServices\SecurityToken\web.config


  <!-- Place inside <configuration>, just before its closing tag.
       "SQLConnectionString" must match a <connectionStrings> entry in this same file. -->
  <system.web>
    <!-- Role provider backed by the FBA SQL database -->
    <roleManager>
      <providers>
        <add connectionStringName="SQLConnectionString"
            applicationName="/"
            description="Stores and retrieves roles from SQL Server"
            name="SQLRoleProvider"
            type="System.Web.Security.SqlRoleProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
      </providers>
    </roleManager>
    <!-- Membership provider backed by the same database; passwords are stored hashed -->
    <membership>
      <providers>
        <add connectionStringName="SQLConnectionString"
            passwordAttemptWindow="5"
            enablePasswordRetrieval="false"
            enablePasswordReset="true"
            requiresQuestionAndAnswer="true"
            applicationName="/"
            requiresUniqueEmail="true"
            passwordFormat="Hashed"
            description="Stores and Retrieves membership data from SQL Server"
            name="SQLMembershipProvider"
            type="System.Web.Security.SqlMembershipProvider, System.Web, Version=2.0.3600.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
      </providers>
    </membership>
  </system.web>

</configuration>




5 comments:

  1. Sorry, I don't get it. It shows in your first cause, what? I am not sure what you are saying. My identity shows NetworkService, not a SQL account. Which should it show, and how do I get the SQL user name if that is what I am supposed to use?

  2. Hey, I am sorry... here identity means the NetworkService account only, not the SQL service account.

    1. Hi Surya,

      If I use network service I am getting the following error.
      The requested service, 'http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc' could not be activated. See the server's diagnostic trace logs for more information

      If I use domain account for one user it's working but not working for another user.

    2. Have you added the identity account, as shown in the above picture, to the FBA database?
      Please check this:
      http://support.microsoft.com/kb/2520344

  3. Thanks Surya, for me, it was the account that runs the SecurityTokenServiceApplication (LocalSystem) that couldn't access the database. I've added it to the security members and gave it access and it worked fine.
