Unable to log in to claim based web page created using SharePoint 2010
When I create a new web application in SharePoint 2010 (Central Admin), using "Claim Based Authentication", I keep getting this HTTP 500 error. I have tried all the things I have read from various posts but none seem to resolve my issue. However, I did notice that when I create the web application using "Classic Mode Authentication", everything seems to work just fine.

Is there a reason why this is the case? Has anyone seen this issue in the past, and if so, could you please share the knowledge on what the cause is and what can be done to fix it?
March 27th, 2015 12:26pm

If I remember correctly, when we had an issue like this, we set a switch in the web.config. I believe this is what the SharePoint guy did at the time.

CustomError=Off


March 27th, 2015 12:32pm

Still did not work.
March 30th, 2015 11:48am

Hi,

As I understand, you cannot log in to the SharePoint site when using claim based authentication in SharePoint 2010.

You can check the details of the error in the ULS log. (The path of the ULS log: C:\Program files\Common Files\Microsoft Shared\Web Server Extensions\14\LOGS).

Maybe the cause is that the application pool account was missing the "Impersonate a client after authentication" user right. In that case, you can do the troubleshooting steps below:

1. Go to Start - Administrative Tools - Local Security Policy - Local Policies - User Rights Assignment - Impersonate a client after authentication properties
2. Add the Application Pool account for the site which is not working.
3. Reboot the server, so the changes can take effect.
4. Browse the site and it should work fine.

The article below is about the HTTP 500 Internal Server Error.

http://blogs.msdn.com/b/allengeorge/archive/2013/10/23/http-500-internal-server-error.aspx

Best regards

Sara Fan

April 1st, 2015 12:56am


Hello Fan,

I have done the settings you described above but the issue persists.

I really don't know what else to do.

Regards,

Kingsley

April 1st, 2015 4:57am

There are a dozen ways that you can get a 500 error on a new site collection.

  • Have you checked the event logs for anything?
  • Have you checked the ULS logs for any entries?
  • Have you confirmed that the application pool and site are up and running?
  • Can you confirm that the 500 error only occurs for the new web application and that you have created a site collection at the root?
  • Once the web application + site collection have been created can you access them through PowerShell?

Without knowing what you've tried we can't suggest things that you might not have done.

April 1st, 2015 5:17am

Hello Alex,

Thank you for your time and support.

The application pool is up and running. The site collection was successfully created. Web site with classic authentication works but claims authentication does not work.

I don't know how to access the site via PowerShell. The error occurred when I created the first web application and site collection after I installed SharePoint and the root site

Error message

Event log:
Log Name:      Application
Source:        Microsoft-SharePoint Products-SharePoint Foundation
Date:          01/04/2015 12:32:31
Event ID:      8305
Task Category: Claims Authentication
Level:         Error
Keywords:      
User:          KAZTEC-ENG\sun.ion
Computer:      KAZTEC-SP1.KAZTEC-ENG.LOCAL
Description:
An exception occurred when trying to establish endpoint for context: Unrecognized attribute 'allowInsecureTransport'. Note that attribute names are case-sensitive. (C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\WebClients\SecurityToken\client.config line 41).
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-SharePoint Products-SharePoint Foundation" Guid="{6FB7E0CD-52E7-47DD-997A-241563931FC2}" />
    <EventID>8305</EventID>
    <Version>14</Version>
    <Level>2</Level>
    <Task>47</Task>
    <Opcode>0</Opcode>
    <Keywords>0x4000000000000000</Keywords>
    <TimeCreated SystemTime="2015-04-01T11:32:31.895416500Z" />
    <EventRecordID>42358</EventRecordID>
    <Correlation ActivityID="{07C18AE0-6233-40E9-B99E-C747723ECFC2}" />
    <Execution ProcessID="788" ThreadID="6224" />
    <Channel>Application</Channel>
    <Computer>KAZTEC-SP1.KAZTEC-ENG.LOCAL</Computer>
    <Security UserID="S-1-5-21-1872518793-706367052-2123955694-1206" />
  </System>
  <EventData>
    <Data Name="string0">Unrecognized attribute 'allowInsecureTransport'. Note that attribute names are case-sensitive. (C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\WebClients\SecurityToken\client.config line 41)</Data>
  </EventData>
</Event>

Client file located in C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\WebClients\SecurityToken

<?xml version="1.0" encoding="utf-8" ?>
<configuration>
  <system.serviceModel>
    <client>
      <endpoint
        name="SecurityTokenService"
        contract="Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract"
        binding="customBinding"
        bindingConfiguration="spStsBinding"/>
      <endpoint
        name="SecurityTokenService_ActAs"
        contract="Microsoft.IdentityModel.Protocols.WSTrust.WSTrustServiceContract"
        binding="customBinding"
        bindingConfiguration="spStsActAsBinding"/>
      <endpoint
        name="WindowsTokenCacheService"
        contract="Microsoft.SharePoint.Administration.Claims.ISPWindowsTokenCacheServiceContract"
        binding="customBinding"
        bindingConfiguration="SPWindowsTokenCacheServiceHttpsBinding"/>
    </client>

    <!-- Binding List: -->
    <bindings>
      <customBinding>
        <binding
          name="spStsBinding">
          <binaryMessageEncoding>
            <readerQuotas
              maxStringContentLength="1048576"
              maxArrayLength="2097152"/>
          </binaryMessageEncoding>
          <httpTransport
            maxReceivedMessageSize="2162688"
            authenticationScheme="Negotiate"
            useDefaultWebProxy="false" />
        </binding>
        <binding
          name="spStsActAsBinding">
          <security
            authenticationMode="SspiNegotiatedOverTransport"
            allowInsecureTransport="true"
            defaultAlgorithmSuite="Basic256Sha256"
            messageSecurityVersion="WSSecurity11WSTrust13WSSecureConversation13WSSecurityPolicy12" />
          <binaryMessageEncoding>
            <readerQuotas
              maxStringContentLength="1048576"
              maxArrayLength="2097152"/>
          </binaryMessageEncoding>
          <httpTransport
            maxReceivedMessageSize="2162688"
            authenticationScheme="Negotiate"
            useDefaultWebProxy="false"/>
        </binding>
        <binding name="SPWindowsTokenCacheServiceHttpsBinding">
          <security authenticationMode="IssuedTokenOverTransport" />
          <textMessageEncoding>
            <readerQuotas maxStringContentLength="1048576" maxArrayLength="2097152"/>
          </textMessageEncoding>
          <httpsTransport maxReceivedMessageSize="2162688" authenticationScheme="Anonymous" useDefaultWebProxy="false" />
        </binding>
      </customBinding>
    </bindings>

  </system.serviceModel>
</configuration>


Regards,

Kingsley

April 1st, 2015 9:09am


Hi,

Based on the details about the error, there is an unrecognized attribute 'allowInsecureTransport' in the client.config.

To resolve this issue you will need to download the KB976462 hotfix which can be found at http://connect.microsoft.com/VisualStudio/Downloads/DownloadDetails.aspx?DownloadID=23806.

The article below is about unrecognized attribute allowInsecureTransport.

http://www.the14folder.com/tag/unrecognized-attribute-allowinsecuretransport/

Best regards

Sara Fan

April 2nd, 2015 12:54am
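
A way to go from the Event ID 8305 entry to the config line it names, and to see whether the hotfix is listed, as an added example that is not part of any post in this thread. It assumes PowerShell 2.0 or later on the SharePoint server; the helper name Get-ConfigErrorLocation is made up for illustration, and the fallback message is the one from the event posted above.

```powershell
# Extract attribute name, file path and line number from an Event ID 8305 message.
# Get-ConfigErrorLocation is a hypothetical helper name.
function Get-ConfigErrorLocation {
    param([string]$Message)
    $pattern = "(?s)Unrecognized attribute '(?<attr>[^']+)'.*" +
               "\((?<path>[A-Za-z]:\\.+?) line (?<line>\d+)\)"
    if ($Message -match $pattern) {
        New-Object PSObject -Property @{
            Attribute = $Matches['attr']
            Path      = $Matches['path']
            Line      = [int]$Matches['line']
        }
    }
}

# Message text copied from the event posted in this thread; used as a fallback
# when the local Application log holds no matching entries.
$sample = "An exception occurred when trying to establish endpoint for context: " +
    "Unrecognized attribute 'allowInsecureTransport'. Note that attribute names are " +
    "case-sensitive. (C:\Program Files\Common Files\Microsoft Shared\Web Server " +
    "Extensions\14\WebClients\SecurityToken\client.config line 41)."

$filter = @{
    LogName      = 'Application'
    ProviderName = 'Microsoft-SharePoint Products-SharePoint Foundation'
    Id           = 8305
}
try {
    $messages = @(Get-WinEvent -FilterHashtable $filter -MaxEvents 20 -ErrorAction Stop |
        ForEach-Object { $_.Message })
} catch { $messages = @() }
if ($messages.Count -eq 0) { $messages = @($sample) }

# Print each distinct location with the line of the config file it points at.
$locations = @($messages | ForEach-Object { Get-ConfigErrorLocation -Message $_ } |
    Sort-Object -Property Path, Line -Unique)
foreach ($loc in $locations) {
    "{0} line {1}: attribute '{2}'" -f $loc.Path, $loc.Line, $loc.Attribute
    if (Test-Path -LiteralPath $loc.Path) {
        "    " + "$(@(Get-Content -LiteralPath $loc.Path)[$loc.Line - 1])".Trim()
    }
}

# KB976462 is the hotfix named in the answer above. Get-HotFix reads
# Win32_QuickFixEngineering, which does not record every kind of update.
$kb = @(Get-HotFix | Where-Object { $_.HotFixID -eq 'KB976462' })
if ($kb.Count -gt 0) { 'KB976462 is listed' } else { 'KB976462 is not listed by Get-HotFix' }
```
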


The KB976462 hotfix resolved the issue.

Thank you Sara Fan

  • Marked as answer by kingruke 2 hours 44 minutes ago
April 13th, 2015 12:51am
