locked
SharePoint 2013 claim based authentication error with ADFS login RRS feed

  • Question

  • Hi,

    I have configured a cliam based authentication web app in SharePoint 2013. the website works seamlessly well with windows authentication from both internal and external networks.

    The ADFS login is having issues both internally and externally.

    I have configured claims mapping on the SharePoint server, realm address, certificates and all other things are also configured. it is similar to the steps in this link http://summit7systems.com/claims-based-authentication-adfs-3-0-and-sharepoint-2013-beginners-guide/

    After entering the credentials at the ADFS login screen, i get redirected to the _trust location and then I get redirected to the error page with message

    sorry something went wrong,

    an error has occured on the server

    technical details

    Troubleshoot issues with microsoft sharepoint foundation

    correlation id

    date and time

    Please advice if there is any configuration that I have to do in the web.config file, the microsoft identity models at the moment looks like this in the web.config file. 

    I am assuming I need to make changes here as well, in order to get it working.

     <microsoft.identityModel>
        <service saveBootstrapTokens="true">
          <audienceUris />
          <issuerNameRegistry type="Microsoft.SharePoint.IdentityModel.SPPassiveIssuerNameRegistry, Microsoft.SharePoint, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
          <issuerTokenResolver type="Microsoft.SharePoint.IdentityModel.SPIssuerTokenResolver, Microsoft.SharePoint.IdentityModel, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
          <securityTokenHandlers>
            <clear />
            <add type="Microsoft.IdentityModel.Tokens.X509SecurityTokenHandler, Microsoft.IdentityModel, Version=3.5.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
            <add type="Microsoft.SharePoint.IdentityModel.SPSaml11SecurityTokenHandler, Microsoft.SharePoint.IdentityModel, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c">
              <samlSecurityTokenRequirement>
                <nameClaimType value="http://schemas.microsoft.com/sharepoint/2009/08/claims/userid" />
              </samlSecurityTokenRequirement>
            </add>
            <add type="Microsoft.SharePoint.IdentityModel.SPTokenCache, Microsoft.SharePoint.IdentityModel, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
          </securityTokenHandlers>
          <federatedAuthentication>
            <wsFederation passiveRedirectEnabled="false" issuer="" realm="" />
            <cookieHandler mode="Custom" path="/">
              <customCookieHandler type="Microsoft.SharePoint.IdentityModel.SPChunkedCookieHandler, Microsoft.SharePoint.IdentityModel, Version=15.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c" />
            </cookieHandler>
          </federatedAuthentication>
        </service>
      </microsoft.identityModel>

    rafi qureshi

    Monday, April 4, 2016 8:55 AM

Answers

  • could you please check the ADFS logs and get the more clue why it is throwing error? 

    Try to clear the Browser Cache and test again.


    Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog

    Monday, April 4, 2016 1:32 PM

All replies

  • could you please check the ADFS logs and get the more clue why it is throwing error? 

    Try to clear the Browser Cache and test again.


    Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog

    Monday, April 4, 2016 1:32 PM
  • It was the web proxy server blocking the claims. we solved it.

    rafi qureshi


    Wednesday, April 20, 2016 2:16 PM
  • How can you say that the problem was from the proxy?

    How do you correct the problem?

    Sunday, August 21, 2016 3:03 PM