iOS authentication (error 403 forbidden) issues with ADFS

  • Question

    Hello all,

    I have a web application that is targeted at mobile platforms (WP7, Android, iOS) running on Windows Server 2008 R2 and IIS 7.5.  The application uses FBA and ADFS.  Up until a few days ago, everything was fine, and all device types were able to authenticate without issue.  Recently though, iOS devices (iOS v5.1.1) have begun to experience 403 Forbidden errors when attempting to access the site.

    When this happens, there is also a corresponding error in the Event log.  Error #104 - "The ADFS Web Agent for Windows NT token-based applications has encountered a serious error.  The cookies that were presented by the client cannot be validated."

    This error is not terribly consistent.  It is not happening to all iOS users.  Sometimes, the error can be bypassed by executing the following steps on the iOS device:

    1. Terminate the Safari app
    2. Clear all Safari memory settings (clear cache, cookies, history, website data, names and passwords)
    3. Re-launch application and authenticate

    But this does not work consistently or permanently.

    Android and WM7 devices as well as most popular desktop browsers (IE, Firefox, Chrome) appear to be unaffected.  Edit:  This behavior can be produced in the desktop version of Safari, running on a Windows 7 machine.

    Can someone propose a possible cause, solution, or next troubleshooting steps?


    • Edited by Joe Filbrun Monday, June 25, 2012 6:47 PM corrected information
    Monday, June 25, 2012 2:35 PM