Claims Based Authentications - adding removing claims

New to VisualStudio C# MVC
(please guide me to the correct forum if I have missed the category)
I have a simple application. I want to go in as an admin and remove/add a users claim in the table "AspNetUserClaims". I don't need to worry if this user I want to change is logged in or not. Seems simple.. but much as I try I cannot get this to
change.
Copied code from "AccountController"
await UserManager.AddClaimAsync(user.Id, new Claim(ClaimTypes.Role, "member"));
It runs and in debugger looks like all the correct information. but no changes made to table "AspNetUserClaims". In Accountcontroller the new user is being created. and I know have a user who is already created.. I think that is the crux of the
issue..I have read things, btu I don't know what is outdated and not.
thank you in advance
d

Hi,
I think You have to ask it in the ASP.NET forum.
http://forums.asp.net/1146.aspx/1?MVC
Regards,
gioVhan
Please remember to mark the replies as answers if they help and unmark them if they provide no help.

Similar Messages

Sharepoint 2010 on Windows 2012R2 and claims based authentication

Hello,
We have installed a sharepoint 2010 SP2 CU dec 2014 on a Windows 2012R2 server.
The installation went without problems.
However, we want to use claims based authentication on a certain web app pool.
Therefore some configuration on IIS is required.
The first issue we ran into, is the web application pool uses ASP.NET 2.0, which is the default settings.
However, using this ASP.NET Version 2.0 the feature "Providers" and ".net users" are invisible.
When changing the .net version to 4.0, the features comes back again.
I can fill in the connection strings without problem.
The providers feature however, gives me the following errors:
There is a duplicate .... sections defined.
When googling on this error, it seems that on .net 4.0 these sections are already globbally defined in the machine.config, So i removed these entries in the machine.config
These are the lines that are "double"
<section name="scriptResourceHandler" type="System.Web.Configuration.ScriptingScriptResourceHandlerSection, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" requirePermission="false"
allowDefinition="MachineToApplication"/>
<section name="jsonSerialization" type="System.Web.Configuration.ScriptingJsonSerializationSection, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" requirePermission="false" allowDefinition="Everywhere"
/>
<section name="profileService" type="System.Web.Configuration.ScriptingProfileServiceSection, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" requirePermission="false" allowDefinition="MachineToApplication"
/>
<section name="authenticationService" type="System.Web.Configuration.ScriptingAuthenticationServiceSection, System.Web.Extensions, Version=4.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" requirePermission="false"
allowDefinition="MachineToApplication" />
So after removing these lines, i can get into Providers feature in IIS.
but, when i click on "Add..." i get the following error:
Add Provider
There was an error while performing this operation.
Details:
This method cannot be called during the application's pre-start initialization phase.
OK
I spent to much time already to solve this issue and i hope that someone can give me some advice to address this issue.

The STS web.config:<?xml version="1.0" encoding="utf-8"?>
<configuration>
<system.serviceModel>

<behaviors>
<serviceBehaviors>
<behavior name="SecurityTokenServiceBehavior">

<serviceMetadata httpGetEnabled="true" />

<serviceThrottling maxConcurrentCalls="65536" maxConcurrentSessions="65536" maxConcurrentInstances="65536" />
</behavior>
</serviceBehaviors>
</behaviors>

<services>
<service name="Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract" behaviorConfiguration="SecurityTokenServiceBehavior">

<endpoint address="" binding="customBinding" bindingConfiguration="spStsBinding" contract="Microsoft.IdentityModel.Protocols.WSTrust.IWSTrust13SyncContract" />

<endpoint name="ActAs" address="actas" binding="customBinding" bindingConfiguration="spStsActAsBinding" contract="Microsoft.IdentityModel.Protocols.WSTrust.IWSTrust13SyncContract" />

<endpoint address="mex" binding="mexHttpBinding" contract="IMetadataExchange" />
</service>
<service name="Microsoft.SharePoint.Administration.Claims.SPWindowsTokenCacheService">
<endpoint address="" binding="customBinding" bindingConfiguration="SPWindowsTokenCacheServiceHttpsBinding" contract="Microsoft.SharePoint.Administration.Claims.ISPWindowsTokenCacheServiceContract" />
</service>
</services>

<bindings>
<customBinding>
<binding name="spStsBinding">
<binaryMessageEncoding>
<readerQuotas maxStringContentLength="1048576" maxArrayLength="2097152" />
</binaryMessageEncoding>
<httpTransport maxReceivedMessageSize="2162688" authenticationScheme="Negotiate" useDefaultWebProxy="false" />
</binding>
<binding name="spStsActAsBinding">
<security authenticationMode="SspiNegotiatedOverTransport" allowInsecureTransport="true" defaultAlgorithmSuite="Basic256Sha256" messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12" />
<binaryMessageEncoding>
<readerQuotas maxStringContentLength="1048576" maxArrayLength="2097152" />
</binaryMessageEncoding>
<httpTransport maxReceivedMessageSize="2162688" authenticationScheme="Negotiate" useDefaultWebProxy="false" />
</binding>
<binding name="SPWindowsTokenCacheServiceHttpsBinding">
<security authenticationMode="IssuedTokenOverTransport" />
<textMessageEncoding>
<readerQuotas maxStringContentLength="1048576" maxArrayLength="2097152" />
</textMessageEncoding>
<httpsTransport maxReceivedMessageSize="2162688" authenticationScheme="Anonymous" useDefaultWebProxy="false" />
</binding>
</customBinding>
</bindings>
</system.serviceModel>
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="true" />
<windowsAuthentication enabled="true">
<providers>
<clear />
<add value="Negotiate" />
<add value="NTLM" />
</providers>
</windowsAuthentication>
</authentication>
</security>
<modules>
<add name="WindowsAuthenticationModule" />
</modules>
</system.webServer>
<system.net>
<connectionManagement>
<add address="*" maxconnection="10000" />
</connectionManagement>
</system.net>
<connectionStrings>
<add connectionString="Server=sqldb_qa_sharepoint2010;Database=SG_SHP_Claims_Authentication;Integrated Security=true" name="SHP_Claims_Authentication" />
</connectionStrings>
</configuration>
I have backupped the machine.config and restored it (the file i edited was in the following dir: C:\Windows\Microsoft.NET\Framework\v4.0.30319\Machine.config)

How to pass credentials/saml token access sharepoint web service ex:lists.asmx when sharepoint has single sign on with claims based authentication

How to pass credentials/saml token exchange to the sharepoint web service ex:lists.asmx when sharepoint has single sign on with claims based authentication
Identity provider here is Oracle identity provider
harika kakkireni

Hi,
The following materials for your reference:
Consuming List.asmx on a claims based sharepoint site
http://social.technet.microsoft.com/Forums/sharepoint/en-US/f965c1ee-4017-4066-ad0f-a4f56cd0e8da/consuming-listasmx-on-a-claims-based-sharepoint-site?forum=sharepointcustomizationprevious
Sharepoint Claims based authentication and Single Sign on
http://social.technet.microsoft.com/Forums/sharepoint/en-US/2dfc1fdc-abc0-4fad-a414-302f52c1178b/sharepoint-claims-based-authentication-and-single-sign-on?forum=sharepointadminprevious
Sharepoint Claim Based Authentication Web Service issuehttp://social.msdn.microsoft.com/Forums/office/en-US/dd4cc581-863c-439f-938f-948809dd18db/sharepoint-claim-based-authentication-web-service-issue?forum=sharepointgeneralprevious
Best Regards
Dennis Guo
TechNet Community Support

Cannot create dataset from claims based authentication sharepoint site in report builder 3.0

I have a sharepoint site, which is configured as claims based authentication (ref:
http://ashrafhossain.wordpress.com/2011/05/25/how-to-configure-claim-based-authentication-for-sharepoint-project-server-2010/) . both AD and asp.net members can log in to the site successfully. My user need to use the report build to create report
on this sharepoint site. As a result, the site is also integrated with reporting service. I try to create a report in the sharepoint site by clicking "New Document" -> "Report builder Report". The report builder will comes out and ask for credential to
connect to the report server. I use asp.net member to login and it can let me to create a data source which connect to a the list of the sharepoint site with credential option "Use current Windows user. Kerberos delegation might be required". However, when
I try to create a data set and click the query designer, error "Server was unable to process request. ---> Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED))" appear as below:
Besides, non of my AD account can be used to login to the report builder. Errors below found in the ULS log:
09/26/2012 14:47:27.75 w3wp.exe (0x116C)
0x11F4 SharePoint Foundation
Claims Authentication fo1t
Monitorable SPSecurityTokenService.Issue() failed: System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security token username and password could not be validated.
(Fault Detail is equal to Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The security token username and password could not be validated.).
09/26/2012 14:47:27.76 w3wp.exe (0x140C)
0x0F38 SharePoint Foundation
Claims Authentication fsq7
High Request for security token failed with exception: System.ServiceModel.FaultException: The security token username and password could not be validated. at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.ReadResponse(Message
response) at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr) at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken
rst) at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo)
524a2f96-f5ff-4c96-80d1-f08d3c7ef14f
09/26/2012 14:47:27.76 w3wp.exe (0x140C)
0x0F38 SharePoint Foundation
Claims Authentication 8306
Critical An exception occurred when trying to issue security token: The security token username and password could not be validated..
524a2f96-f5ff-4c96-80d1-f08d3c7ef14f

Hi Foxvito,
Claims authentication types supported by SharePoint 2010 are Windows Claims, forms-based authentication Claims, and SAML Claims. In SAML-Claims mode, SharePoint Server accepts SAML tokens from a trusted external Security Token Provider (TST). From the
blog you referenced, it seems to use the SAML Claims authentication.
However, the Reporting Services client applications: Report Builder, the Report Designer in Business Intelligence Development Studio, and Management Studio do not support connecting and authenticating with LiveID or SAML Claims based SharePoint Web applications.
That's because the SAML Claims don't use the Reporting Services authentication endpoint. So, you have to change the Claims authentication type to use Report Builder on the SharePoint site.
References:
Overview of Kerberos authentication for Microsoft SharePoint 2010 Products
Claims Authentication and Reporting Services
Regards,
Mike Yin
Mike Yin
TechNet Community Support

Claims Based Authentication and Editing User Profiles

Hi All,
I have an interesting issue where I have a SharePoint Farm setup with both the intranet and mysites web applications setup using Claims Based Authentication. While everything seems to work fine, you are able to search for users, view properties and users
can change their own profile properties. However when you configure a profile administration account (an account with the "manage user profiles" permission on the User Profile Service Application) and you attempt to use that account to edit
another users profile you get hit with a generic error page.
Delving deeper you get the following errors:
ULS:
Date   Process   Thread Id   Area   Category   Event Id   Level   Correlation   Message
5/7/2013 00:31:44:64   App Pool: MySites   0x1DC8   SharePoint Foundation   Logging Correlation Data   xmnv   Medium   4001199c-6bd8-c03d-920f-55177fbff00c
Name=Request (GET:http://mysite.DOMAIN.loc:80/_layouts/15/EditProfile.aspx?UserSettingsProvider=234bf0ed%2D70db%2D4158%2Da332%2D4dfd683b4148&ReturnUrl=http%3A%2F%2Fmysite%2EDOMAIN%2Eloc%2Fperson%2Easpx%3Faccountname%3DDOMAIN%255CAUSER&accountname=DOMAIN%5CAUSER)
5/7/2013 00:31:44:66   App Pool: MySites   0x1DC8   SharePoint Foundation   Authentication Authorization   agb9s   Medium   4001199c-6bd8-c03d-920f-55177fbff00c
Non-OAuth request. IsAuthenticated=True, UserIdentityName=0#.w|DOMAIN\sp_config, ClaimsCount=24
5/7/2013 00:31:44:66   App Pool: MySites   0x1DC8   SharePoint Foundation   Logging Correlation Data   xmnv   Medium   4001199c-6bd8-c03d-920f-55177fbff00c
Site=/
5/7/2013 00:31:44:69   App Pool: MySites   0x1DC8   SharePoint Foundation   Files   00000   High   4001199c-6bd8-c03d-920f-55177fbff00c
UserAgent not available, file operations may not be optimized.
at Microsoft.SharePoint.SPFileStreamManager.CreateCobaltStreamContainer(SPFileStreamStore spfs, ILockBytes ilb, Boolean copyOnFirstWrite, Boolean disposeIlb)
at Microsoft.SharePoint.SPFileStreamManager.SetInputLockBytes(SPFileInfo& fileInfo, SqlSession session, PrefetchResult prefetchResult)
at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromDocumentRowset(Guid databaseId, SqlSession session, SPFileStreamManager spfstm, Object[] metadataRow, SPRowset contentRowset, SPDocumentBindRequest& dbreq, SPDocumentBindResults&
dbres)
at Microsoft.SharePoint.SPSqlClient.GetDocumentContentRow(Int32 rowOrd, Object ospFileStmMgr, SPDocumentBindRequest& dbreq, SPDocumentBindResults& dbres)
at Microsoft.SharePoint.Library.SPRequestInternalClass.GetFileAndMetaInfo(String bstrUrl, Byte bPageView, Byte bPageMode, Byte bGetBuildDependencySet, String bstrCurrentFolderUrl, Int32 iRequestVersion, Byte bMainFileRequest, Boolean& pbCanCustomizePages,
Boolean& pbCanPersonalizeWebParts, Boolean& pbCanAddDeleteWebParts, Boolean& pbGhostedDocument, Boolean& pbDefaultToPersonal, Boolean& pbIsWebWelcomePage, String& pbstrSiteRoot, Guid& pgSiteId, UInt32& pdwVersion, String&
pbstrTimeLastModified, String& pbstrContent, UInt32& pdwPartCount, Object& pvarMetaData, Object& pvarMultipleMeetingDoclibRootFolders, String& pbstrRedirectUrl, Boolean& pbObjectIsList, Guid& pgListId, UInt32& pdwItemId, Int64&
pllListFlags, Boolean& pbAccessDenied, Guid& pgDocid, Byte& piLevel, UInt64& ppermMask, Object& pvarBuildDependencySet, UInt32& pdwNumBuildDependencies, Object& pvarBuildDependencies, String& pbstrFolderUrl, String& pbstrContentTypeOrder,
Guid& pgDocScopeId)
at Microsoft.SharePoint.Library.SPRequestInternalClass.GetFileAndMetaInfo(String bstrUrl, Byte bPageView, Byte bPageMode, Byte bGetBuildDependencySet, String bstrCurrentFolderUrl, Int32 iRequestVersion, Byte bMainFileRequest, Boolean& pbCanCustomizePages,
Boolean& pbCanPersonalizeWebParts, Boolean& pbCanAddDeleteWebParts, Boolean& pbGhostedDocument, Boolean& pbDefaultToPersonal, Boolean& pbIsWebWelcomePage, String& pbstrSiteRoot, Guid& pgSiteId, UInt32& pdwVersion, String&
pbstrTimeLastModified, String& pbstrContent, UInt32& pdwPartCount, Object& pvarMetaData, Object& pvarMultipleMeetingDoclibRootFolders, String& pbstrRedirectUrl, Boolean& pbObjectIsList, Guid& pgListId, UInt32& pdwItemId, Int64&
pllListFlags, Boolean& pbAccessDenied, Guid& pgDocid, Byte& piLevel, UInt64& ppermMask, Object& pvarBuildDependencySet, UInt32& pdwNumBuildDependencies, Object& pvarBuildDependencies, String& pbstrFolderUrl, String& pbstrContentTypeOrder,
Guid& pgDocScopeId)
at Microsoft.SharePoint.Library.SPRequest.GetFileAndMetaInfo(String bstrUrl, Byte bPageView, Byte bPageMode, Byte bGetBuildDependencySet, String bstrCurrentFolderUrl, Int32 iRequestVersion, Byte bMainFileRequest, Boolean& pbCanCustomizePages, Boolean&
pbCanPersonalizeWebParts, Boolean& pbCanAddDeleteWebParts, Boolean& pbGhostedDocument, Boolean& pbDefaultToPersonal, Boolean& pbIsWebWelcomePage, String& pbstrSiteRoot, Guid& pgSiteId, UInt32& pdwVersion, String& pbstrTimeLastModified,
String& pbstrContent, UInt32& pdwPartCount, Object& pvarMetaData, Object& pvarMultipleMeetingDoclibRootFolders, String& pbstrRedirectUrl, Boolean& pbObjectIsList, Guid& pgListId, UInt32& pdwItemId, Int64& pllListFlags, Boolean&
pbAccessDenied, Guid& pgDocid, Byte& piLevel, UInt64& ppermMask, Object& pvarBuildDependencySet, UInt32& pdwNumBuildDependencies, Object& pvarBuildDependencies, String& pbstrFolderUrl, String& pbstrContentTypeOrder, Guid&
pgDocScopeId)
at Microsoft.SharePoint.SPWeb.GetWebPartPageContent(Uri pageUrl, Int32 pageVersion, PageView requestedView, HttpContext context, Boolean forRender, Boolean includeHidden, Boolean mainFileRequest, Boolean fetchDependencyInformation, Boolean& ghostedPage,
String& siteRoot, Guid& siteId, Int64& bytes, Guid& docId, UInt32& docVersion, String& timeLastModified, Byte& level, Object& buildDependencySetData, UInt32& dependencyCount, Object& buildDependencies, SPWebPartCollectionInitialState&
initialState, Object& oMultipleMeetingDoclibRootFolders, String& redirectUrl, Boolean& ObjectIsList, Guid& listId)
at Microsoft.SharePoint.ApplicationRuntime.SPRequestModuleData.FetchWebPartPageInformationForInit(HttpContext context, SPWeb spweb, Boolean mainFileRequest, String path, Boolean impersonate, Boolean& isAppWeb, Boolean& fGhostedPage, Guid& docId,
UInt32& docVersion, String& timeLastModified, SPFileLevel& spLevel, String& masterPageUrl, String& customMasterPageUrl, String& webUrl, String& siteUrl, Guid& siteId, Object& buildDependencySetData, SPWebPartCollectionInitialState&
initialState, String& siteRoot, String& redirectUrl, Object& oMultipleMeetingDoclibRootFolders, Boolean& objectIsList, Guid& listId, Int64& bytes)
at Microsoft.SharePoint.ApplicationRuntime.SPRequestModuleData.GetWebPartPageData(HttpContext context, String path, Boolean throwIfFileNotFound)
at Microsoft.SharePoint.ApplicationRuntime.SPVirtualPathProvider.GetCacheKey(String virtualPath)
at System.Web.Compilation.BuildManager.GetVPathBuildResultFromCacheInternal(VirtualPath virtualPath, Boolean ensureIsUpToDate)
at System.Web.Compilation.BuildManager.GetVPathBuildResultInternal(VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate)
at System.Web.Compilation.BuildManager.GetVPathBuildResultWithNoAssert(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate)
at System.Web.Compilation.BuildManager.GetVPathBuildResult(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean ensureIsUpToDate)
at System.Web.UI.MasterPage.CreateMaster(TemplateControl owner, HttpContext context, VirtualPath masterPageFile, IDictionary contentTemplateCollection)
at System.Web.UI.Page.ApplyMasterPage()
at System.Web.UI.Page.PerformPreInit()
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
at System.Web.HttpApplication.PipelineStepManager.ResumeSteps(Exception error)
at System.Web.HttpApplication.BeginProcessRequestNotification(HttpContext context, AsyncCallback cb)
at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)
at System.Web.Hosting.UnsafeIISMethods.MgdIndicateCompletion(IntPtr pHandler, RequestNotificationStatus& notificationStatus)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotificationHelper(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
at System.Web.Hosting.PipelineRuntime.ProcessRequestNotification(IntPtr rootedObjectsPointer, IntPtr nativeRequestContext, IntPtr moduleData, Int32 flags)
5/7/2013 00:31:44:69   App Pool: MySites   0x1DC8   SharePoint Foundation   Files   aiv4w   Medium   4001199c-6bd8-c03d-920f-55177fbff00c
Spent 0 ms to bind 33542 byte file stream
5/7/2013 00:31:44:72   App Pool: MySites   0x1DC8   SharePoint Portal Server   User Profiles   ai7z6   High   4001199c-6bd8-c03d-920f-55177fbff00c
User was not successfully retrieved: i:0#.w|DOMAIN\AUSER in ProfileUI.OnInit. Seeing if this is a system account
5/7/2013 00:31:44:72   App Pool: MySites   0x1DC8   SharePoint Portal Server   User Profiles   ai7z7   High   4001199c-6bd8-c03d-920f-55177fbff00c
User i:0#.w|DOMAIN\AUSER not found and not a system account.
5/7/2013 00:31:44:72   App Pool: MySites   0x1DC8   SharePoint Portal Server   User Profiles   ahn7m   Unexpected   4001199c-6bd8-c03d-920f-55177fbff00c
ProfileUI: Unhandled exception inside OnInit: Microsoft.Office.Server.UserProfiles.UserNotFoundException: DOMAIN\AUSER
at Microsoft.SharePoint.Portal.WebControls.ProfileUI.OnInit(EventArgs e)
5/7/2013 00:31:44:72   App Pool: MySites   0x1DC8   SharePoint Portal Server   User Profiles   ahn7h   Unexpected   4001199c-6bd8-c03d-920f-55177fbff00c
ProfileEditor: Unhandled exception inside OnInit: Microsoft.Office.Server.UserProfiles.UserNotFoundException: DOMAIN\AUSER
at Microsoft.SharePoint.Portal.WebControls.ProfileUI.OnInit(EventArgs e)
at Microsoft.SharePoint.Portal.WebControls.ProfileEditor.OnInit(EventArgs e)
5/7/2013 00:31:44:72   App Pool: MySites   0x1DC8   SharePoint Foundation   General   8nca   Medium   4001199c-6bd8-c03d-920f-55177fbff00c
Application error when access /_layouts/15/EditProfile.aspx, Error=DOMAIN\AUSER
at Microsoft.SharePoint.Portal.WebControls.ProfileUI.OnInit(EventArgs e)
at Microsoft.SharePoint.Portal.WebControls.ProfileEditor.OnInit(EventArgs e)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
5/7/2013 00:31:44:72   App Pool: MySites   0x1DC8   SharePoint Foundation   Runtime   tkau   Unexpected   4001199c-6bd8-c03d-920f-55177fbff00c
Microsoft.Office.Server.UserProfiles.UserNotFoundException: DOMAIN\AUSER
at Microsoft.SharePoint.Portal.WebControls.ProfileUI.OnInit(EventArgs e)
at Microsoft.SharePoint.Portal.WebControls.ProfileEditor.OnInit(EventArgs e)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
5/7/2013 00:31:44:72   App Pool: MySites   0x1DC8   SharePoint Foundation   General   ajlz0   High   4001199c-6bd8-c03d-920f-55177fbff00c
Getting Error Message for Exception System.Web.HttpUnhandledException (0x80004005): Exception of type 'System.Web.HttpUnhandledException' was thrown. ---> Microsoft.Office.Server.UserProfiles.UserNotFoundException: DOMAIN\AUSER
at Microsoft.SharePoint.Portal.WebControls.ProfileUI.OnInit(EventArgs e)
at Microsoft.SharePoint.Portal.WebControls.ProfileEditor.OnInit(EventArgs e)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Control.InitRecursive(Control namingContainer)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.HandleError(Exception e)
at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
at System.Web.UI.Page.ProcessRequest()
at System.Web.UI.Page.ProcessRequest(HttpContext context)
at System.Web.HttpApplication.CallHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)
5/7/2013 00:31:44:72   App Pool: MySites   0x1DC8   SharePoint Foundation   General   aat87   Monitorable   4001199c-6bd8-c03d-920f-55177fbff00c
5/7/2013 00:31:44:73   App Pool: MySites   0x1DC8   SharePoint Foundation   Monitoring   b4ly   Medium   4001199c-6bd8-c03d-920f-55177fbff00c
Leaving Monitored Scope (Request (GET:http://mysite.DOMAIN.loc:80/_layouts/15/EditProfile.aspx?UserSettingsProvider=234bf0ed%2D70db%2D4158%2Da332%2D4dfd683b4148&ReturnUrl=http%3A%2F%2Fmysite%2EDOMAIN%2Eloc%2Fperson%2Easpx%3Faccountname%3DDOMAIN%255CAUSER&accountname=DOMAIN%5CAUSER)).
Execution Time=87.1739285300227
It seems similar to an issue in the blog post here: http://kb4sp.wordpress.com/2012/12/05/user-cannot-be-found-shenanigans-one-way-active-directory-trusts-and-sharepoint-2013/ however I tried what was suggested and it didn't work.
Any help with this is appriciated.

This line offers clues about the actual problem:
Microsoft.Office.Server.UserProfiles.UserNotFoundException: DOMAIN\AUSER
According to the MSDN link (http://msdn.microsoft.com/en-us/library/microsoft.office.server.userprofiles.usernotfoundexception.aspx)
it is not able to find the user in the profile store. Additionally the link you mentioned (http://kb4sp.wordpress.com/2012/12/05/user-cannot-be-found-shenanigans-one-way-active-directory-trusts-and-sharepoint-2013)
suggests that the account being used to validate accounts on the production domain may have a problem.
If there a way you can test that account in isolation against the DC?
With Regards Shailen Sukul Entrepreneur/Software Architect/Developer/Consultant/Trainer (BSc | Mct | Mcpd (.Net 2/3.5/SharePoint2010) | Mcts (Sharepoint 2010/MOSS/WSS), Biztalk, Web, Win, Dist Apps) | Mcitp(SharePoint) | Mcsd.NET | Mcsd | Mcad) MSN | Skype
| GTalk Id: shailensukul Twitter: http://twitter.com/shailensukul Website: http://sukul.org Blog: http://shailen.sukul.org/ http://www.linkedin.com/in/shailensukul

Claims Based Authentication SPSecurityTokenService.Issue() failed: The security token username and password could not be validated.

Please excuse the lousy table...Its late :-)
I have a multi-server SP2010 farm. Patched up to
Configuration database version: 14.0.6106.5002
My goal is to have a claims based web application that authenticated to ADAM for Extranet. I have configured the servers exactly to MSDN and technet specs (following this spec to the
letter (
http://technet.microsoft.com/en-us/library/ee806882.aspx) to allow the forms side of the web app to authenticate to ADAM.
IT WORKS IN DEV!!! , which is a single server farm. However, it does not work in production. I get the following:
Claims Auth log entries:
1:06:25 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
f2ut
Verbose
Authenticated with login provider. Validating request security token.
1:06:25 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Verbose
Using membership provider 'ADAMProvider'.
1:06:25 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Verbose
Doing password check on '[email protected]'.
1:06:46 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Verbose
Failed password check on '[email protected]'.
1:06:46 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Unexpected
Password check on '[email protected]' generated exception: 'System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security
token username and password could not be validated. (Fault Detail is equal to Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The security token username and password could not be validated.).'.
1:06:46 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
fo1t
Monitorable
SPSecurityTokenService.Issue() failed: System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security token username and password
could not be validated. (Fault Detail is equal to Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The security token username and password could not be validated.).
1:06:46 AM
w3wp.exe (0x1B34)
0x08A0
SharePoint Foundation
Claims Authentication
fsq7
High
Request for security token failed with exception: System.ServiceModel.FaultException: The security token username and password could not be validated.
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.ReadResponse(Message response)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr)
  at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst)
at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo)
1:06:46 AM
w3wp.exe (0x1B34)
0x08A0
SharePoint Foundation
Claims Authentication
8306
Critical
An exception occurred when trying to issue security token: The security token username and password could not be validated..
1:06:46 AM
w3wp.exe (0x1B34)
0x08A0
SharePoint Foundation
Claims Authentication
f2un
Verbose
Form authentication failed.
I have tried EVERYTHING (well, nt everything, I don’t have the fix I suppose).
I found plenty out there and nothing directly correlates with this issue.
I searched on all parts of the errors I got.
This contains an interesting blurb about setting up access for the apppool id correctly.
That’s not the case for me. It works in dev and the same id are used there.
http://sharepoint-2010-world.blogspot.com/2011/03/adam-forms-based-authentication-in.html
This was good but it doesn’t give specs on what the environment looks like:
http://social.msdn.microsoft.com/Forums/en/sharepoint2010general/thread/557143a6-4b36-4939-bb7f-d62a9335fd18
The was interesting…but I am patched up beyond the June 2011 CU so it’s a moot point:
http://social.technet.microsoft.com/Forums/en-US/sharepoint2010setup/thread/9b8368ef-c5e5-4ead-b348-7b2b5587cfc8
Any and all help would be greatly appreciated!

Hi.
You say its a multiserver farm, do you have more than one web server then?
If thats the case, have you tried accessing the site on each server directly?
Found this for you, maybe that can help?
Troubleshooting Exceptions: System.ServiceModel.FaultException`1
http://msdn.microsoft.com/en-us/library/bb907220.aspx
and this:
SharePoint 2010 Claims Authentication - The security token username and password could not be validated reoccurring every morning
http://social.technet.microsoft.com/Forums/pl-PL/sharepoint2010setup/thread/383f1f9b-5c4a-4e19-b770-2a54b7ab1ca1
and
This seems to be a good guide:
http://donalconlon.wordpress.com/2010/02/23/configuring-forms-base-authentication-for-sharepoint-2010-using-iis7/
Good luck
Thomas Balkeståhl - Technical Specialist - SharePoint - http://blksthl.wordpress.com

SharePoint 2013 web service: Error while sending claim based authentication request (The corresponding SID in the domain is not part of the intended account type)

We are using .asmx services for SharePoint features such as comments, and rating.
Service
Feature used
http://<<hostname>>/_vti_bin/socialdataservice.asmx
Commenting, Rating
http://<<hostname>>/_vti_bin/UserProfileService.asmx
For out of box workflows
In SharePoint 2013,
SharePoint – 80 web application is on claims based mode and user is logging in with windows authentication. With logged-in client context used to call SharePoint's default web service, we are getting below error message from
web service (Social data and user profile services).
Server was unable to process request. ---> The corresponding SID in the domain is not part of the intended account type.
When the service is accessed using console application with Visual Studio credentials (logged in user), we are able to access the service. Below is the code snippet
using (SocialDataService
service = new
SocialDataService())
service.Credentials =
CredentialCache.DefaultCredentials;
SocialCommentDetail detail = service.AddComment("<<url>>",
"Test Comment",
null,
null);
Are SharePoint 2013 web services not supporting request coming with claim based authentication web application?
Thanks, Pratik Agrawal (MAQ Software)

While this applies to 2010, I believe the same is true with 2013:
http://social.technet.microsoft.com/Forums/sharepoint/en-US/925e5f46-317f-46d3-bc55-c67f07eb2372/call-sharepoint-web-services-using-claimbased-authentication?forum=sharepointgeneralprevious
Trevor Seward
Follow or contact me at...
&nbsp&nbsp
This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

Adobe Acrobat X Pro cannot handle claim based authentication

Hi,
The system has licensed 'Adobe Acrobat X Pro' installed successfully. When SharePoint 2010 site collection has NTLM authentication, pdf document can be edited sucessfully using 'Adobe Acrobat X Pro'.
Issue arises when the sharepoint 2010 site collection has claim based authentication.
User logs in and navigate through links as-
Workspace->Document Library.
Selects PDF document->select "Edit Document" link.
This action opens Adobe Acrobat X Pro, but do not open pdf and displays error "There was error opening this document. The filename, directory name, or volume label syntax is incorrect."
In this case, request-response caught as-
OPTIONS http://dev-ms-db-01.devrapdrp.mahadiscom.in/portal/workspace/WS%20Library/89000000 HTTP/1.1
Accept: */*
User-Agent: Mozilla/3.0 (compatible; Acrobat Annots 10.1.1 )
Host: dev-ms-db-01.devrapdrp.mahadiscom.in
Content-Length: 0
Connection: Keep-Alive
Pragma: no-cache
Cookie: SPSESSION=IWyGCxHlHGZr0eWSuEDJvOt7+i2Io81ggZFn+tFAtcuOYqDUjzIINxLXo5V69CSSbTi+UsSjgB8fow/ Gr0UWuGEHRpliqgfRGPsjaPO4vdYVCKJ+HAtMjCgcVx6HuVHUeO4/hpsI7gb47X9s4OmsgXkd6MqTFlVQIIMHxDtuE 6WpZxnSEl47voXnX11FkcIWSk8BqEl4+PnC7Paktct3SEJdgY+lWsazcsMqD3HrEGe0w7Qn0VN2lWglt1N5ejSDNyR oKoPAZKsm7fDqxO+SDHBF+UDEN2VvOhOV/PL5OIwRLKU+niaYolAZyDrASixdMm012NwchcLbqELJPT6sxfYEyMbRB MF2o1W922SYSkfAEKSFZ5ikkRyTCcuMNuI6fMQ6t+Xti6pcX/Vula+qf9q+vqPVxkZ5ACPih6EgvnUqxiNXgzLQ7c/ gYjo0D8ZP79KixoROJPs5VRZhmVKCnMY+SSn/4TNf2vW5eMiJeHdeeciMWpHC7cZ+Z6Uh3w+Aj9n9FTux2N++WTjRx wbIBluqQL1ZuCd3XnXBxlG9C4Wi1dAynp3YSd1axyOciVQmwnPuZg9XgROeqCM0/z4nmKkAYuu1MRH0acgVOu3PL/q C06T+UOxvHUKtU7Qe14TFFioYY8e/Rrfnd2uOIujUZLM/kJEM+kSguvoWeK+ABZHyTvPCw5FRxAsDNCiA2rklzFtUx yoI6SqDDlGidY+TRQaRfLX0xvlTqr7PPuEMLKAoEGwkBPvOV24eUPcVC1+PgKMt2rsbt1tZYn7adS4dZ3aRaj0zp9Q 8Pea2lFTxvsANYklT05kHQt832VsFQ9PGuHPTX7A7z6QUW4P4GOE5dJ5USawOrjxZ/Mi621NZlLaLfTzPTJmxcJu3X cCG8VrkMco9JfbxnM0ZKgD9OI+qjnQpJXpkjNChtrgZ+tYzLPb4TpQgQphBTfKIyhcXwW9Y+Lze/3P0zmjpiTIWWN3 mbyE5W07KpCtwvvECJhCn1cMlPoaEV0ZxWJsPcYNVNqFcWeQiDJugkAe7VlWJsiznjJDioW+98SsFoZWz/4U0KCB0P Ja/4VAMdzRQmm0owEucWBHUUw1//9ufkgk7DqZ75sH28cjfsfiKiBZvLe61Q8yxs5iiXqHBkp6WRaPH93CslYI1sa4 izeScEye2decQObEfVDY7KAOFAQSW95hlqSHcSlm1hgYR+AsMmffnqHcH0ebyjsvYJoI3o7AMXjev7o9qGH9eEd+eU Tpn3lnqvDdbbTYdkjtE8HeOkhqiEIXUj5jX/owYjASbW0Q0l6M+QjRUu/eJaBVNYEG8l3xIbnPTGyEWM3hCCbIvoXA WlN972hL4x+SDGkr7pK+gq/D6+5+FL2qqB7Vr9aRnc1nPSV6nx8oEgX/fcZpPWSACwphq
HTTP/1.1 302 Moved Temporarily
Date: Tue, 16 Jul 2013 10:42:30 GMT
Server: Apache/2.2.15 (Win32) mod_jk/1.2.30
Set-Cookie: SMSESSION=yFelHh2awfWW7yLKZHpSnNHDstixrmkciGIIqfLtwSRrLEQeVdI4R9iO3Q9qynhWDFCk8OIW2HXl+Cl JOdVC5/mwavCdDtHZYn5tL1s6C3BjIGLJowaDVTXUeGZAt0JcyVHEQcsIVgiiFlmkPKPapEOprHPItaa/vZJal5eeK 7NN8s0RrJ+Me1PlBmRQdBSklMxilciwMaLMXAKRwHSstl3kw5n2Qo5VCRmjG34k3gsYWNHh/I5o6buRRszeGpdZLeU 9GLeOdk8r3qXiXwIOvBhkBZrfuPKMAa1IIhftEdeJgKh9XSuCxAHs8wTEGCDzBNSzqZ3Q6S1UhC8/aA8qw1o2lVMbn 3AaYb2LE2/PgW9pN6VctY4XW6O8Dpvri8iXMCHLR28F8KrzLgust3CPBu1D/APPyJpsc1ya/IxdO5FWmCmBvGviEnN m9sNjPZVMSg3rpUgH8C492Kg5k4TzbqRsCvnI7o8ulycpBLvQOoQ97xOO8esCj/jtQAC8Y2bKLCKPqJhSJO4ROCaK7 6cGMihhGDhqE5+IJsW4Wr7Om4l4mO1Ov28hwJiGZVW0NsF0BJDrqPcagMAolIQ8xgTX1wpxPQebt/voTr5+ZjPbUj5 5LRvavod8ePnrE9majS/Fzr1QkHpeZvMxE6UBJ3r32uiEqykcm91nKIZpgBNkwKP9HzbgMSh8KV+y4vxQeOUT2rQo8 8r3vql9d+XCU7jk0jv6J+ugBBxGVaRC99thR6kvolTo7QMn6vsUk6ZC57IpSy84CQHSxp0vtNYdnTRcL8IZUPXyh3L iBnmCmdpRbEpN2l8kR23Jn0Zb1i/BxbMFU5El8xkhxWiZPCRLHctIIoXhv6Mt4amlc84MbawQedaL3ynWQFPg3sgyn 8KbigvV6nKf+rOBeVVU/fwCpLRwHxZ8x5aKWXPTZuT1W3tCkA6OwWIi9fshksawMgzTnNYpP/vz+Yrp/akquH5qb25 ZXsUHaMzR6YC0Lnw7wAMjRoDELznOVg0fgL12mjRkplI2Fg1HjsbmGNtdsCuS5Nt/VAiur40GNPnRG+kYtTVvaTOLw ShaXSqbKc5y0Z2MiQ+sCxXmXueRTtnXYiMKd3dszcGkor3mW2QrJqkFblcTSnIUeYDHhCMK+dt/0xA1jsVVA9Zal4F ISyWTryDUK5BQHVGyAHOoZK7NsYosGabLtvVe777VO4Q3eBSWkEU5QWpe47eAe54o1nfsR+gl0lJjR7q9Ms5LNW9qU NZaBahic1+c4MqhqLY5l+yqrig3CaFm; Domain=.mahadiscom.in; Expires=Tue, 23-Jul-2013 10:42:30 GMT; Path=/
Set-Cookie: SPSESSION=aecQ9bgin1o3zGDHNhZJB8l5o1MmEmOjAMaACmYoXuqvLFak53UjUmMYKSW5VJ6CyOr/ahKrDAhWXja D8f/eFAW6G5oZ/4t6D0TSiozDepGNHdCRJ72Z/mAenAOQI63rkXwnWuCzmOZXGW6ZPIvSjPw3+0GGWnNFkM4ZhBhxs ZBKM2x2v4xy7I2LUTW4vV8IQovBHXIUfGxD38TuqBBfRR1tQu8GsW/q7LFQSSim+arvHSaJwrcNk63pCX539ouCEBi Ng8LUj9NPUF5FwiZwA7hcGNiRWdMae71ccYkVqmWC0WkU06KZETrqotVFGS8azZSPd+/xx6OodV5wxTq43Y/8CwEAL NqCZv/Ye4OJYYmParYAhgdON/PZ4UEuI5+dG/pICSxYA6NJyuswMz7LiIEXaltAhhhK+margc26sMGOf8hpE7M5OpV sU/Fc7ylpg2bmvT0bKOGg1o8h2jJIBx0SRhs6CByjauPdu3rBA0HVTRQnammCiWnjkHgJvyONi7B78HDo2vmQvB9og 7U9xQkhywLwg+ZyCmtx91zV1paP7Sk2pBPnGRQK+/WLdk8zEOG5d9Thmg4X9INZVgt8qwwOTky8mp9wNi48eO670BF DdD4PCM+PpiYAjV8NernCXcREpSD75THtvZNLq5LEzgmwNk6bThLcXHNYt5zhZEo/v559nDrx97r1EceZImKfII0kI QA6RS0MajM1/UvoI+gBjXqnXbybskBhdnt13zeoth6OmIP9DSjahILqOban09bmLXgzspG5t/EmIOdawfy/JKuRNPA H4nExF8Tt2iBRu1mLvcqWOidFKG1Qm/fo0YEalDZe2+m5PF9vCe5nWnqEPyzCOfcSzU4HnTFjyatlnunbexREhDNz7 2/oVfxq9sii+fiJgMM04J83WSwIE2dDhNN1/PU8+TH+WIkkB1r/DkI7ynir9g+5o2pKPyWem+HxRUmWy4AWGlbp+xT gPP7A7ZcOFMcWbzItEIEUpgYOXILk5DIXe8o08910s6bmYlUDZNRPBp/ZsqhI4A1cCQcdKqnCmx8BGkjJ/3VRxFxvx CeBJ6sEJomnUD+mw6Lxy10Q1r0QHAvbv2j4NLOR+XAoxMU2ye9mzrhspyWWEa2S+LgxhV5V563sNFXB57f+WJzIblk ww1iENF2rEhJtTebC3EEy5MkFlXPsacq4OUKsgavAlhO0xDIdhrg233eTZYFvIZ3xOhmjrfiLdkS/XvB2gwq6QRniU QDIY/D0QPtnNJ+GGFM/Mqvciu5K7gi6SK85nWiY08hnBJfiUen7C+KZ0lAEH2zNUhPnIJav0BgA/yIZhNswd3fZXoS ioFFz45isPRMYkZqkNEkoy32wBH5qVSHRJPIGxiGXT1b0ccUiuJx4ptKt7xKDqvsGmnu5; Domain=.mahadiscom.in; Expires=Tue, 23-Jul-2013 10:42:30 GMT; Path=/
Location: http://dev-ms-db-01.devrapdrp.mahadiscom.in/portal/workspace/_layouts/Authenticate.aspx?So urce=%2Fportal%2Fworkspace%2FWS%20Library%2F89000000
SPRequestGuid: 4fb96723-8eaf-4249-9f63-13a3c4d61a25
X-SharePointHealthScore: 5
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 14.0.0.6106
Via: HTTP/1.1 dev-ms-db-01.devrapdrp.mahadiscom.in:80
Content-Length: 259
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html;charset=utf-8
<html><head><title>Object moved</title></head><body>
<h2>Object moved to <a href="http://dev-ms-db-01.devrapdrp.mahadiscom.in/portal/workspace/_layouts/Authenticate.aspx?So urce=%2Fportal%2Fworkspace%2FWS%20Library%2F89000000">here</a>.</h2>
</body></html>
After getting this response, 'Adobe Acrobat X Pro' do not send any more request.
Note, the same site collection(with claim based authentication), opens and allows to edit microsoft document successfully. There is request-response sequence.
Giving one of them for example, because all will flood the page-
OPTIONS http://dev-ms-db-01.devrapdrp.mahadiscom.in/portal/workspace/WS%20Library/89000000/ HTTP/1.1
User-Agent: Microsoft Office Protocol Discovery
Host: dev-ms-db-01.devrapdrp.mahadiscom.in
Content-Length: 0
Connection: Keep-Alive
Pragma: no-cache
Cookie: SMSESSION=yFelHh2awfWW7yLKZHpSnNHDstixrmkciGIIqfLtwSRrLEQeVdI4R9iO3Q9qynhWDFCk8OIW2HXl+Cl JOdVC5/mwavCdDtHZYn5tL1s6C3BjIGLJowaDVTXUeGZAt0JcyVHEQcsIVgiiFlmkPKPapEOprHPItaa/vZJal5eeK 7NN8s0RrJ+Me1PlBmRQdBSklMxilciwMaLMXAKRwHSstl3kw5n2Qo5VCRmjG34k3gsYWNHh/I5o6buRRszeGpdZLeU 9GLeOdk8r3qXiXwIOvBhkBZrfuPKMAa1IIhftEdeJgKh9XSuCxAHs8wTEGCDzBNSzqZ3Q6S1UhC8/aA8qw1o2lVMbn 3AaYb2LE2/PgW9pN6VctY4XW6O8Dpvri8iXMCHLR28F8KrzLgust3CPBu1D/APPyJpsc1ya/IxdO5FWmCmBvGviEnN m9sNjPZVMSg3rpUgH8C492Kg5k4TzbqRsCvnI7o8ulycpBLvQOoQ97xOO8esCj/jtQAC8Y2bKLCKPqJhSJO4ROCaK7 6cGMihhGDhqE5+IJsW4Wr7Om4l4mO1Ov28hwJiGZVW0NsF0BJDrqPcagMAolIQ8xgTX1wpxPQebt/voTr5+ZjPbUj5 5LRvavod8ePnrE9majS/Fzr1QkHpeZvMxE6UBJ3r32uiEqykcm91nKIZpgBNkwKP9HzbgMSh8KV+y4vxQeOUT2rQo8 8r3vql9d+XCU7jk0jv6J+ugBBxGVaRC99thR6kvolTo7QMn6vsUk6ZC57IpSy84CQHSxp0vtNYdnTRcL8IZUPXyh3L iBnmCmdpRbEpN2l8kR23Jn0Zb1i/BxbMFU5El8xkhxWiZPCRLHctIIoXhv6Mt4amlc84MbawQedaL3ynWQFPg3sgyn 8KbigvV6nKf+rOBeVVU/fwCpLRwHxZ8x5aKWXPTZuT1W3tCkA6OwWIi9fshksawMgzTnNYpP/vz+Yrp/akquH5qb25 ZXsUHaMzR6YC0Lnw7wAMjRoDELznOVg0fgL12mjRkplI2Fg1HjsbmGNtdsCuS5Nt/VAiur40GNPnRG+kYtTVvaTOLw ShaXSqbKc5y0Z2MiQ+sCxXmXueRTtnXYiMKd3dszcGkor3mW2QrJqkFblcTSnIUeYDHhCMK+dt/0xA1jsVVA9Zal4F ISyWTryDUK5BQHVGyAHOoZK7NsYosGabLtvVe777VO4Q3eBSWkEU5QWpe47eAe54o1nfsR+gl0lJjR7q9Ms5LNW9qU NZaBahic1+c4MqhqLY5l+yqrig3CaFm; SPSESSION=EHC4LQyCHd29iQYBYn4tZz32xTbluDRCKmE7MfoOvlo4X4bkU2z2+YB3GbbMs99E/nVU/QwCPFaNxTz 6dx9EAHyBo1xhs6fNhkrlFX+m/EZiufmafae/osbzcdx2fWbEsh78UnstGbRPRX5kSx8gCXRnc14vWagr+Y6nufb3w 50c+5u96DQJSR+WhoZOiVnmoeUHq7TIgd9N9dUl+9lBOyFfetYCHjvZNWHKANLMIl3lkbvO5xtMBpGLGZ/m12mitKx TQKJ++dbRcCUM9f8e52nz/soFLjhd3bL9KCln9IsaqBtBW1n/rBtxogQq8CLGl64RT3gW/yIAPPvCKQHKvT/PjsNOQ c4K4vSdN9zSxJFwrC6s1s046wxg707+iHQzChaVI8E/DcQPFn4FkdntwrO9CejVT1qSEkqRbr1XsxONaNWQu2SOyTQ 6vz3fO1j/Y+SH3R9+liZ/Q9HnQyh6DgMkswvbcJDqoVK61B6QGOJECihpMxjrtdHCEFDulMb5rnE70V3hBttLJRj8R 5T5ttHG5geAjync4BaWfIDLoi1hfJtUMPASnZKLzIl/SOwYHxFLIWL/P57T3NkrjiqTkoeqvP63Qf1pnWgh18gOFIF JuncxdnNI2Mg67UlJ+JPxQMPf6tuPWHD78SActM6r0pAnz7tbHmjb14D7ZmPjPN98yORlUxbL4vNzoXJYbYn0f3ZPw Rw6I1pF8cThGuMy7mb+0zwCPrsDCl23yS03l7GFavyk9bGRc4SDh5INslA1TI1rVS4k+9ECZpPKHiEtDDjQKWoO4Pi u/WrXgNWT3wl49qslDfBnHucyXFH6+FWfOBcP82DsbGLXt6+wsDIdOhTXFbweAIPXgsLL1bIjpBPzwR4KwIf0lOKxp O+Bah5ZQs7JtPIBjsnWO/KUfU4vQN3H6lBUBm8+lLEVNA8tBnyDhXhxvLmL3j7eeMCigRQsVtVOAwT9Lbyk+wie6Fa 2JzgNUXDJFL/n3uo/I1U6Z+UFz+oKaP/MPutCGUMFUq1K9zO9g60UD9YaB+OxIfO5vudJ0yrhaVAeSeyWn3bnVCKZi xHTpG1frsQqMm2NkmnMoe3r3KvyqvbdEBiLGVniyBUDRYqOn5vTTnvnRMuxpR+jRiSSg1REarO1IJLEUBX2XDAkuNY 5/ulMUVJXikVpRHE8T4NXVFssFtMYE6ff4Whc1ZrLiIt4QQy85QFszpI4jqVdb5Zrn66JdgY4w168+wHllLZh9iyoK CZKAWNRQzJSqfOmEqbMVMR+dAnBAwDRqydZ8AiE2lhlgqHB2dk3hETwickBvAldOqZdJu3jJ/w6CGL82Tx2W5eyHQU EkHU/gs7Lrpjxyc+fJSPK03LKZlS2Gpy5wHx2LFybBX1FndVbml0axdbX62uIjEOnDvD1; FedAuth=77u/PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0idXRmLTgiPz48U1A+MMe1LnR8c2hhcmVwb2lud HJlYWxtMWZvcmRldnNoYXJlcG9pbnRhZ2VudHw4OTAwMDAwMCwwx7UudHxzaGFyZXBvaW50cmVhbG0xZm9yZGV2c2h hcmVwb2ludGFnZW50fDg5MDAwMDAwLDEzMDE4NDQ5NzYwMjAyMDAwMCxGYWxzZSxlSGZscEVHNDJEK2F3SXRQVFNLa GNXMzR5VU1HZ2hIVVRNT2ppaDJxY2YzcVRtKzcwR3RxblNmQUlQSisxZkhZZXNzaUhsejRWU1owRkJJRExEWDdXZWt 0dXNYUjd5YUtiRzNxdEdzZEVWM0ZXWmp0Y20vdWpkdHhlTTcxd0luRllEQ25ld1oxa3k0MUJ4NVFOanFlSGpaMmdtZ GVWZEdLczdHTGxWV1J0NUVYMWJNT2pnMTBsaGQvV2VQc1dCNGFWUDBXWnlwdEpmUEZHTEV2QjVCdHZpd1ZjekFwQ0d HTGY5bkk5S2IxS285aHhxMXNuUkxKbi9GNi9HdG50M3FMaEl1YnR5ZGwyNHBiaXBVQ2RuZjNldWExeVFxQWdqV25zN mFONFV5VHMrQVpGUlRmcDBUVHNzL0R1d2dGa1IwSlpCZGd5UVpTNlBRTTZhK3J5ejlpZmc9PSxodHRwOi8vZGV2LW1 zLWRiLTAxLmRldnJhcGRycC5tYWhhZGlzY29tLmluLzwvU1A+
HTTP/1.1 200 OK
Date: Tue, 16 Jul 2013 10:49:17 GMT
Server: Apache/2.2.15 (Win32) mod_jk/1.2.30
Set-Cookie: SPSESSION=v9NiXhTOuExWMzaHXx+oFJTtC8w0vd23LS5AQL+js7Z+xCp9rbe1nlErG4kE+MQ1JzYoeF7PQ/h7Jjm l+8Z/qBIeTuO2muL+g/fQAYSAxx7kPlVVkRZ/gwq+2EtkYtQ/5egbPmSvyY/Uba5QndnYpjok3r4qJRY7p48tN4rr+ vcoolRC1bSVZaU7WrjOxnX7YbAeNNWRUIpI9Ut9L4G0tmv5NlGtg6SxnTZ1q+lbAG+/ZEnAxJorBFkq+tZZP9cRLB5 4u67swngb67etK8EVNbFrTXW/8n/XlotfF6dUgiVfD+tAfdsNJO7jsQ4bsAh4dP0frS/XDlPyv7QE1ZbYKC5gw5UOi m4Zw3Fitc0DrrQCEOpDZiWvK/gqxzAHm2PJPMNoM0jYxiuSAU8P6Y76vFsHWTY4Kkdhin9VTdEAxDMweMaEyS1ISbZ CHHxLHsAWyhUm24CFL1fZDcRW0x1DcoMu3y8yAN4tvXz4hn5GC46qI/q83+f3uNn6mdDYoEcEwbrVHP6K2YlErWfox gCz3Us7msXb2eK93fBQDRhUvhm9F300mr7523tWvVioeiNPGX7dl8CQxU67TGkkV9s45F3ShZKTlH0DsWSLJPhtd/D xENhCJR6yG4VkT1nThp6SpT2CuHmnlzYodKsRAtaDx5kCwlo9TKsIezs1FQqxtxZkvKxqaULgRx5ZSK/fJz6PiQwNd lRKUFw9uG5J9EWTRuz0AoWn0WF+32VWIeglhyDaMi/GWaD1pVZffnT68KRQWINVm/r3WPvk+23mPOYUX07Vy5bGO21 sZzCxLjmrhibt1wgF/syg9swcplf46JV61Q6ASMi/tXxRGcaCg75+8PrE7sjYjnxXsutmJJqtvnx6pdgpb4akmWnZF DRvptVxs0d/kMbf2YA7sJRpbNcIIR6tpIgm2FzKtk80Bj5aDM/e+FVfH0mpoqEk9/IwC2SdCoUfg6OFVV9JBowhCkj 17o1saz73pQoAzG5o51m33R1959jrQIwOwsI4t2R27F6jY9RCRzKvbEBPxhwl4hzpZ/LY5cQr1CvOlCPilXGlgKFGx rQl56OVQfsUFwBLEufTrHN5XR4SITUU1PW0IOgjxwems5jNlmsddWIsu08nmVuuagFQUaKwxk0p8jd9S4QBHFbknLv WhSgPfcd7yahHw0oqJ5cAFyjMa/LY1QD8MN8INDIEuY5jvzM5l5Jxn0Tr5i4aqHit89i3n6VeealPDEzS1CSSg0U3y P5K0DTAKMQLyUzFMB9ND63pAeNJaY3+PfmIYZsiQgEprNv+dagHVL3j8iU5kskxsIiRqJxVLt4G6WagnKcbCQt4gmz Enb5LSst1Zhx+MvYfCTwr8wYhrgnBCMNQEuC0i8FH5rM2GrpFDOL1336GX1tgyR5nTSXi; Domain=.mahadiscom.in; Expires=Tue, 23-Jul-2013 10:49:17 GMT; Path=/
Cache-Control: private,max-age=0
Allow: GET, POST, OPTIONS, HEAD, MKCOL, PUT, PROPFIND, PROPPATCH, DELETE, MOVE, COPY, GETLIB, LOCK, UNLOCK
Expires: Mon, 01 Jul 2013 10:49:15 GMT
Accept-Ranges: none
SPRequestGuid: 2f248360-fd85-4fb3-a185-b01dadac3f7a
X-SharePointHealthScore: 4
MS-Author-Via: MS-FP/4.0,DAV
X-MSDAVEXT: 1
DocumentManagementServer: Properties Schema;Source Control;Version History;
X-MSFSSHTTP: 1.0
DAV: 1,2
Public-Extension: http://schemas.microsoft.com/repl-2
X-Powered-By: ASP.NET
MicrosoftSharePointTeamServices: 14.0.0.6106
Via: HTTP/1.1 dev-ms-db-01.devrapdrp.mahadiscom.in:80
Content-Length: 0
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/plain
When site is with NTLM authentication, adobe acrobat x pro opens and allow to edit successfully. But when it there is Claim Based authentication, it cannot. It seems Adobe Acrobat X Pro does not have capability to send appropriate headers to handle claim based authentication. Also it is not able handle the sequence of request-response for claim based authentication. When searched on web, there is one product of Acrobat called LiveCycle, which has capability to handle SAML. Does that mean Adobe Acrobat X Pro does not have the capability to handle Claim based authentication so it is depend on LiveCycle for it?
thanks
Sharmila

Hi MkkLam
The below mentioned link might resolve this issue, kinldy try it:
LInk: http://helpx.adobe.com/creative-suite/kb/acrobat-failed-launch-30-days.html
Other related thread:
http://forums.adobe.com/thread/1021632
Thanks!
Atul Saini

Where I can get visio file of SAML claims-based authentication process

Hello
I saw SAML claims-based authentication process flow diagram on
http://msdn.microsoft.com/en-us/library/office/hh394901(v=office.14).aspx . Please let me know where I will get the visio of this file.
Regards
Avian

What makes you think that such a file is available (to the public)?
Use the graphic, or make your own.
Scott Brickey
MCTS, MCPD, MCITP
www.sbrickey.com
Strategic Data Systems - for all your SharePoint needs

SharePoint 2013 Claim based authentication

Hi,
I'm trying to configure SharePoint 2013 web application to use Claim based authentication. I updated the SharePoint web application using the following cmdlet:
Convert-SPWebApplication -Identity "http:// <servername>:port" -From Legacy -To Claims -RetainPermissions -Force
I noticed that the authentication mode has been changed to Claims Based Authentication for the detault zone. But when I use fiddler to capture the traffic, there is no FedAuth cookie for the traffic to my SharePoint site.
Questions:
1. Does FedAuth cookie must exist when the SharePoint web application is configured to use Claims Based Authentication?
2. The "Enable Windows Authentication" is checked and NTLM is selected for "Integrated Windows Authentication". Is this a correct setup for Claims based authentication?
3. Is there any documents talking about how to configure Windows Claims-Based authentication?
Thank you!

Hi Wu Tao,
Please find the below technet links and white paper (Claims-based
Identity for Windows (white paper)) which will talk about windows claim based authentication.
http://technet.microsoft.com/en-us/library/cc262350(v=office.15).aspx
http://technet.microsoft.com/en-us/library/jj219571(v=office.15).aspx
And the below link will talk about setup for claim based authentication.
http://technet.microsoft.com/en-in/library/ee806885(v=office.15).aspx
If you need more information, please let us know
Sekar - Our life is short, so help others to grow
Whenever you see a reply and if you think is helpful, click "Vote As Helpful"! And whenever
you see a reply being an answer to the question of the thread, click "Mark As Answer

Office Web Apps and Forms Based Authentication

Is it possible to use Office Web Apps Server 2013 to give external SharePoint Foundation 2013 clients access to Office documents in a View only capacity?
Does FBA work with Office Web Apps or would external users have to at least have a Windows CAL in AD if we are just using SharePoint Foundation?

Hi,
It may be possible.
Here are some links for your situation:
http://technet.microsoft.com/en-us/library/ff431682(v=office.15).aspx
http://blogs.technet.com/b/office_web_apps_server_2013_support_blog/archive/2014/03/20/office-web-apps-2013-errors-previewing-viewing-editing-documents-when-using-fba-in-the-extended-zone-but-not-the-default-zone.aspx
http://technet.microsoft.com/en-us/library/ee806890(v=office.15).aspx
Office Web Apps can be used only by SharePoint 2013 web applications that use claims-based authentication.
There is a known issue when using Office Web App in the extended zone with FBA, but not the default zone. Please configure FBA authentication in the Default zone in case of that.
Hope it helps.
Regards,
Rebecca Tu
TechNet Community Support

MOBI SSO with trusted authentication and form based authentication

Dear All,
I am trying to configure Trusted authentication based SSO FOR MOBI, here are the details:
- SAP BI 4.1 SP04
- Trusted authentication with HTTP header configurred for BI Launchpad and working fine.
Now to have SSO from Mobile, I plan to leverage the existing configuration of BI Launchpad and at Mobile level, I want to use authentication type as TRUSTED_AUTH_FORM, instead of TRUSTED_AUTH_BASIC, with the approach: Trusted authentication with HTTP header.
And
Provide our app users their X502 certs.
1. Will the above approach work ??
2. As per SAP NOTE: 2038165 - SSO using form based trusted auth gives with the SAP BI app for iOS gives error MOB00920 this does not work and is still under investigation from July last year ? So for any community member, has this been found working ??
I would appreciate your valuable inputs.
Regards,
Sarvjot Singh

Hi,
According to your post, my understanding is that you want to know the difference of the SharePoint three type user authentications.
Windows claims-based authentication uses your existing Windows authentication provider (Active Directory Domain Services [AD DS]) to validate the credentials of connecting clients. Use this authentication to allow AD DS-based accounts access to SharePoint
resources. Authentication methods include NTLM, Kerberos, and Basic.
Forms-based authentication can be used against credentials that are stored in an authentication provider that is available through the ASP.NET interface
SAML token-based authentication in SharePoint 2013 requires coordination with administrators of a claims-based environment, whether it is your own internal environment or a partner environment.
There is a good article contains all the SharePoint Authentications, including how they work and how to configure.
http://sp77.blogspot.com/2014/02/authentication-in-sharepoint-2013_5.html#.VFcyQ_mUfkJ
Thanks & Regards,
Jason
Jason Guo
TechNet Community Support

Forcing specific clients or groups to use forms based authentication (FBA) instead of windows based authentication (WIA) with ADFS

Hi,
We are have a quite specific issue. The problem is most likely by design in ADFS 3.0 (running on Windows Server 2012 R2) and we are trying to find a "work-around".
Most users in the organization is using their own personal computer and everything is fine and working as expected, single sign-on (WIA) internally to Office 365 and forms based (FBA) externally (using Citrix NetScaler as reverse proxy and load
balancing with the correct rewrites to add client-ip, proxy header and URL-transformation).
The problem occurs for a few (50-100) users where they are sharing the same computer, automatically logged on to the computer using a generic AD-user (same for all of them). This AD-user they are logged on with does not have any access to Office365
and if they try to access SharePoint Online they receive an error that they can't login (from SharePoint Online, not ADFS).
We can't change this, they need to have this generic account logged on to these computers. The issue occurs when a user that has access to SharePoint Online tries to access it when logged on with a generic account.
They are not able to "switch" from the generic account in ADFS / SharePoint Online to their personal account.
The only way I've found that may work is removing IE as a WIA-capable agent and deploy a User-Agent version string specific to most users but not the generic account.
My question to you: Is there another way? Maybe when ADFS sees the generic user, it forces forms based authentication or something like that?
Best regards,
Simon

I'd go with your original workaround using the user-agent and publishing a GPO for your normal users that elects to use a user-agent string associated with Integrated Windows Auth.. for the generic accounts, I'd look at using a loopback policy that overwrites
that user agent setting, so that forms logon is preferred for that subset of users. I don't think the Netscaler here is useful in this capacity as it's a front-end proxy and you need to evaluate the AuthZ rules on the AD FS server after the request has been
proxied. The error pages in Windows Server 2012 R2 are canned as the previous poster mentioned and difficult to customize (Javascript only)...
http://blog.auth360.net

Retrieving results for comparison in form based authentication with entitie

Hi,Im developing an application using EJB3.0 and at the moment im working on a module involving user authentication.I work with the sun java system appserver 9.1 and netbeans 5.5.2 using the default toplink as the persistent provider.I have problems performing user based authentication.where am at is at shown below.I used a SLSB facade design pattern and created an entity from an existing database I built solely for the application (table name user_table). This is the code I have currently:
Entity
* UserTable.java
* Created on 31 March 2008, 16:06
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
package Entities;
import java.io.Serializable;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.Table;
* Entity class UserTable
* @author Ayo
@Entity
@Table(name = "user_table")
public class UserTable implements Serializable {
@Id
@Column(name = "user_id", nullable = false)
private Integer userId;
@Column(name = "username")
private String username;
@Column(name = "password")
private String password;
@Column(name = "user_type")
private String userType;
@Column(name = "access_level")
private String accessLevel;
@Column(name = "staff_id")
private Integer staffId;
@Column(name = "staff_type", nullable = false)
private String staffType;
@Column(name = "time_created")
private String timeCreated;
@Column(name = "time_modified")
private String timeModified;
@Column(name = "time_logged_in")
private String timeLoggedIn;
@Column(name = "time_logged_out")
private String timeLoggedOut;
@Column(name = "created_by")
private String createdBy;
/** Creates a new instance of UserTable */
public UserTable() {
* Creates a new instance of UserTable with the specified values.
* @param userId the userId of the UserTable
public UserTable(Integer userId) {
this.userId = userId;
* Creates a new instance of UserTable with the specified values.
* @param userId the userId of the UserTable
* @param staffType the staffType of the UserTable
public UserTable(Integer userId, String staffType) {
this.userId = userId;
this.staffType = staffType;
* Gets the userId of this UserTable.
* @return the userId
public Integer getUserId() {
return this.userId;
* Sets the userId of this UserTable to the specified value.
* @param userId the new userId
public void setUserId(Integer userId) {
this.userId = userId;
* Gets the username of this UserTable.
* @return the username
public String getUsername() {
return this.username;
* Sets the username of this UserTable to the specified value.
* @param username the new username
public void setUsername(String username) {
this.username=username;
* Gets the password of this UserTable.
* @return the password
public String getPassword() {
return this.password;
* Sets the password of this UserTable to the specified value.
* @param password the new password
public void setPassword(String password) {
this.password=password;
* Gets the userType of this UserTable.
* @return the userType
public String getUserType() {
return this.userType;
* Sets the userType of this UserTable to the specified value.
* @param userType the new userType
public void setUserType(String userType) {
this.userType = userType;
* Gets the accessLevel of this UserTable.
* @return the accessLevel
public String getAccessLevel() {
return this.accessLevel;
* Sets the accessLevel of this UserTable to the specified value.
* @param accessLevel the new accessLevel
public void setAccessLevel(String accessLevel) {
this.accessLevel = accessLevel;
* Gets the staffId of this UserTable.
* @return the staffId
public Integer getStaffId() {
return this.staffId;
* Sets the staffId of this UserTable to the specified value.
* @param staffId the new staffId
public void setStaffId(Integer staffId) {
this.staffId = staffId;
* Gets the staffType of this UserTable.
* @return the staffType
public String getStaffType() {
return this.staffType;
* Sets the staffType of this UserTable to the specified value.
* @param staffType the new staffType
public void setStaffType(String staffType) {
this.staffType = staffType;
* Gets the timeCreated of this UserTable.
* @return the timeCreated
public String getTimeCreated() {
return this.timeCreated;
* Sets the timeCreated of this UserTable to the specified value.
* @param timeCreated the new timeCreated
public void setTimeCreated(String timeCreated) {
this.timeCreated = timeCreated;
* Gets the timeModified of this UserTable.
* @return the timeModified
public String getTimeModified() {
return this.timeModified;
* Sets the timeModified of this UserTable to the specified value.
* @param timeModified the new timeModified
public void setTimeModified(String timeModified) {
this.timeModified = timeModified;
* Gets the timeLoggedIn of this UserTable.
* @return the timeLoggedIn
public String getTimeLoggedIn() {
return this.timeLoggedIn;
* Sets the timeLoggedIn of this UserTable to the specified value.
* @param timeLoggedIn the new timeLoggedIn
public void setTimeLoggedIn(String timeLoggedIn) {
this.timeLoggedIn = timeLoggedIn;
* Gets the timeLoggedOut of this UserTable.
* @return the timeLoggedOut
public String getTimeLoggedOut() {
return this.timeLoggedOut;
* Sets the timeLoggedOut of this UserTable to the specified value.
* @param timeLoggedOut the new timeLoggedOut
public void setTimeLoggedOut(String timeLoggedOut) {
this.timeLoggedOut = timeLoggedOut;
* Gets the createdBy of this UserTable.
* @return the createdBy
public String getCreatedBy() {
return this.createdBy;
* Sets the createdBy of this UserTable to the specified value.
* @param createdBy the new createdBy
public void setCreatedBy(String createdBy) {
this.createdBy = createdBy;
* Returns a hash code value for the object. This implementation computes
* a hash code value based on the id fields in this object.
* @return a hash code value for this object.
@Override
public int hashCode() {
int hash = 0;
hash += (this.userId != null ? this.userId.hashCode() : 0);
return hash;
* Determines whether another object is equal to this UserTable. The result is
* <code>true</code> if and only if the argument is not null and is a UserTable object that
* has the same id field values as this object.
* @param object the reference object with which to compare
* @return <code>true</code> if this object is the same as the argument;
* <code>false</code> otherwise.
@Override
public boolean equals(Object object) {
// TODO: Warning - this method won't work in the case the id fields are not set
if (!(object instanceof UserTable)) {
return false;
UserTable other = (UserTable)object;
if (this.userId != other.userId && (this.userId == null || !this.userId.equals(other.userId))) return false;
return true;
* Returns a string representation of the object. This implementation constructs
* that representation based on the id fields.
* @return a string representation of the object.
@Override
public String toString() {
return "Entities.UserTable[userId=" + userId + "]";
SLSB
* UserTableFacade.java
* Created on 31 March 2008, 16:07
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
package Entities;
import java.util.*;
import javax.ejb.Stateless;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
* @author Ayo
@Stateless
public class UserTableFacade implements UserTableFacadeLocal {
@PersistenceContext
private EntityManager em;
/** Creates a new instance of UserTableFacade */
public UserTableFacade() {
public void create(UserTable userTable) {
em.persist(userTable);
public void edit(UserTable userTable) {
em.merge(userTable);
public void destroy(UserTable userTable) {
em.merge(userTable);
em.remove(userTable);
public List findAll() {
return em.createQuery("select Object(o)from UserTable as o").getResultList();
local interface
* UserTableFacadeLocal.java
* Created on 31 March 2008, 16:07
* To change this template, choose Tools | Template Manager
* and open the template in the editor.
package Entities;
import java.util.*;
import javax.ejb.Local;
* @author Ayo
@Local
public interface UserTableFacadeLocal {
void create(UserTable userTable);
void edit(UserTable userTable);
void destroy(UserTable userTable);
List findAll();
controller servlet
* userCheck.java
* Created on 15 March 2008, 22:41
package servlets;
import Entities.UserTable;
import Entities.UserTableFacadeLocal;
import Entities.userValidationBean;
import Entities.userValidationRemote;
import java.io.*;
import java.util.Iterator;
import java.util.List;
import java.util.Collection;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.ejb.*;
* @author Ayo
* @version
public class userCheck extends HttpServlet {
@EJB
private UserTableFacadeLocal userTableFacade;
UserTable u;
String userFellow;
String pass;
String username,password;
/** Processes requests for both HTTP <code>GET</code> and <code>POST</code> methods.
* @param request servlet request
* @param response servlet response
protected void processRequest(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
/*con=null;
ps=null;
rs=null;
s=null;
*/response.setContentType("text/html;charset=UTF-8");
PrintWriter out = response.getWriter();
username=request.getParameter("username");
password=request.getParameter("password");
if(username==""||password=="")
showError("<b><font color=\"red\">Please fill in the required blanks.</font></b>",request,response);
else
List user=userTableFacade.findAll();
for(Iterator it=user.iterator();it.hasNext();)
u=(UserTable)it.next();
userFellow= u.getUsername();
pass=u.getPassword();
//out.println(" <b>"+elem.getTitle()+" </b><br />");
//out.println(elem.getBody()+"<br /> ");
//I used the following two lines to determing if im actually accessing the database and retrieving results, and I get all records in the table(usernames and passwords).
//BUT I NEED A SPECIFIC RECORD TO MATCH THE USERNAME AND PASSWORD FROM THE FORM AND IF IT DOES NOT MATCH,I REDIRECT TO THE ERROR PAGE.THAT'S WHERE IM STUCK.
out.println(userFellow);
out.println(pass);
/* if(username.equals(userFellow)&&password.equals(pass))
RequestDispatcher d=request.getRequestDispatcher("blah.jsp");
d.forward(request,response);
else
showError("<b><font color=\"red\">Invalid Login details!</font></b>",request,response);
private void showError(String errorMsg,HttpServletRequest request,HttpServletResponse response)throws ServletException,IOException
request.setAttribute("error_msg",errorMsg);
RequestDispatcher dispatcher=request.getRequestDispatcher("admin_error.jsp");
dispatcher.forward(request,response);
// <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
/** Handles the HTTP <code>GET</code> method.
* @param request servlet request
* @param response servlet response
protected void doGet(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
processRequest(request, response);
/** Handles the HTTP <code>POST</code> method.
* @param request servlet request
* @param response servlet response
protected void doPost(HttpServletRequest request, HttpServletResponse response)
throws ServletException, IOException {
processRequest(request, response);
/** Returns a short description of the servlet.
public String getServletInfo() {
return "Short description";
// </editor-fold>
I NEED HELP.ive been on this for 5 days and i cant seem to get a solution. I tried creating a method (private Collection findByUsername()) and(private Collection
findByPassword()) in the local interface that would supposedly return records based on input from the form but I got a null pointer and an ejb exception saying
unknown find method or something, as in ,or an error message that said i cant search records by name or something.I dont know. Or is it the query that is not
specific enough. I didnt seem to get the syntax right when i was trying to search by username and password.Please someone help me.
Ayo.

Hey everyone,
Is the question I posted that hard?
I even tried to just load a HTML <img src="picture.jpg"/> tag
on the login.jsp and even this won't show.
I'm thinking that the container, with the security mechanism, is blocking
styles and images???
Anyone...please help.
-Yuri

FORM based Authentication issue on Sun ONE AS7

I am trying to use FORM based authentication for a web module I created, and can not get it to work. I have registered the roles through the admin console of the server, and adjusted the web.xml. When I try to use BASIC authentication, I get a 'Authentication refused for []' message before I even log in, and another one after I do. When I use FORM authentication, the URL points to my login.jsp page (no matter what I put in the path, which is what is supposed to happen), however my default servlet (hello.java) is actually run, and the login.jsp page never comes up. I created my jsps and servlet in the mounted [ejb]_WebModule. Please let me know if something seems incorrect here, or if you can think of something I should check...I can't find anything out there to help me.
Here is my web.xml:
<web-app>
<display-name>DiningGuideManager_TestApp</display-name>
<servlet>
<servlet-name>front</servlet-name>
<servlet-class>data.DiningGuideManager_WebModule.hello</servlet-class>
</servlet>
<servlet>
<servlet-name>myPage</servlet-name>
<jsp-file>/myPage.jsp</jsp-file>
</servlet>
<servlet-mapping>
<servlet-name>front</servlet-name>
<url-pattern>/*</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>30</session-timeout>
</session-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>Security</web-resource-name>
<url-pattern>/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>Me</role-name>
<role-name>EveryoneElse</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>default</realm-name>
</login-config>
<security-role>
<role-name>Me</role-name>
</security-role>
<security-role>
<role-name>EveryoneElse</role-name>
</security-role>
<ejb-ref>
<ejb-ref-name>ejb/TestedEJB</ejb-ref-name>
<ejb-ref-type>Session</ejb-ref-type>
<home>data.DiningGuideManagerHome</home>
<remote>data.DiningGuideManager</remote>
<ejb-link>DiningGuideManager</ejb-link>
</ejb-ref>
</web-app>
for FORM authentication I have this:
<login-config>
<auth-method>FORM</auth-method>
<realm-name>default</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
<form-error-page>/error.jsp</form-error-page>
</form-login-config>
</login-config>
Thanks,
Michelle

Yes there's a default generated index.jsp page that I'm having trouble overriding with one of my own. Have you used Form Based Authentication before? To do so you have edit the WEB-INF/web.xml file by adding:
<security-constraint>
<web-resource-collection>
<web-resource-name>Secure Area</web-resource-name>
<url-pattern>/test/secure/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name>admin</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM</auth-method>
<form-login-config>
<form-login-page>/test/secure/loginpage.jsp</form-login-page>
<form-error-page>/test/secure/errorpage.jsp</form-error-page>
</form-login-config>
</login-config>
When you attempt to first go to any page in my /test/secure/ directory you get redirected to the /test/secure/loginpage.jsp where you have to login as a tomcat user, when succesfully logged on you get redirected to an index.jsp page which is NOT the one I created in test/secure/index.jsp. Even when I type in the url to go to my own test/secure/index.jsp I still don't get my own one that exists there, but instead get the default one that's generated that displays:
"Authentication Mechanism FORM".
Hope that makes more sense.
I've tried restarting tomcat but it makes no difference.

Claims Based Authentications - adding removing claims

Similar Messages

Maybe you are looking for