Is a valid SSL certificate required to make the Claims-Based Authentication work in SharePoint Foundation 2010?

StackOverflow https://stackoverflow.com/questions/4694138

Question

I am trying to get the claims-based authentication to work with SharePoint Foundation 2010. I have followed several of the tutorials online and added my role and membership providers to the web.config of the applications as well as the STS web service. (I actually added the providers to machine.config but tried it both ways with the same results.) The exception that is thrown when trying to authenticate (or even just browse the service directly) is:

System.InvalidOperationException: An exception was thrown in a call to a policy export extension. Extension: System.ServiceModel.Channels.TransportSecurityBindingElement Error: Security policy export failed. The binding contains a TransportSecurityBindingElement but no transport binding element that implements ITransportTokenAssertionProvider. Policy export for such a binding is not supported. Make sure the transport binding element in the binding implements the ITransportTokenAssertionProvider interface.

Now, I am accessing the service over SSL but with a self-signed certificate (which throws up the standard warning in IE). There is supposed to be a flag in the section of the web service config called "allowInsecureTransport" but this is apparently only available in .NET 4. When I try to set the framework version on the app pool for this web service to use v4, the service will not even run at all.

If anyone out there has successfully configured a custom authentication provider (based on the SqlMembershipProvider) to work with SharePoint 2010, I would be very interested in how you managed to do it. I don't have a certificate for this server yet but if that is truly all I am missing then I will order one today! Thanks.

Solution

Have you installed:

A hotfix for the .NET Framework 3.5 SP1 that provides a method to support token authentication without transport security or message encryption in WCF.

http://technet.microsoft.com/en-us/library/cc262485.aspx

Which could be either of these:

Windows Server 2008 with SP 2 FIX: A hotfix that provides a method to support the token authentication without transport security or message encryption in WCF is available for the .NET Framework 3.5 SP1 (http://go.microsoft.com/fwlink/?LinkID=160770)

Windows Server 2008 R2 FIX: A hotfix that provides a method to support the token authentication without transport security or message encryption in WCF is available for the .NET Framework 3.5 SP1 (http://go.microsoft.com/fwlink/?LinkID=166231)
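
An added example, not part of the original answer or of SharePoint's own configuration: a small audit that reads a WCF config and reports, for each customBinding that carries a token "over transport", whether it uses HTTPS, sets the allowInsecureTransport flag mentioned in the question, or has neither. The binding names and the sample XML are constructed; the element and attribute names are standard WCF customBinding configuration.

```python
import xml.etree.ElementTree as ET

# Constructed sample config (not from the question's server).
SAMPLE_CONFIG = """
<configuration><system.serviceModel><bindings><customBinding>
  <binding name="StsOverHttp">
    <security authenticationMode="IssuedTokenOverTransport"
              allowInsecureTransport="true" />
    <binaryMessageEncoding />
    <httpTransport />
  </binding>
  <binding name="StsOverHttps">
    <security authenticationMode="IssuedTokenOverTransport" />
    <binaryMessageEncoding />
    <httpsTransport />
  </binding>
  <binding name="NoSecureTransport">
    <security authenticationMode="UserNameOverTransport" />
    <textMessageEncoding />
    <httpTransport />
  </binding>
</customBinding></bindings></system.serviceModel></configuration>
"""

def audit_custom_bindings(config_xml):
    """Map each customBinding name to a finding about its token transport."""
    findings = {}
    root = ET.fromstring(config_xml)
    for binding in root.findall(".//customBinding/binding"):
        name = binding.get("name", "(unnamed)")
        security = binding.find("security")
        mode = security.get("authenticationMode", "") if security is not None else ""
        if not mode.endswith("OverTransport"):
            findings[name] = "not-a-transport-token-binding"
        elif security.get("allowInsecureTransport", "false").lower() == "true":
            # Tokens may cross this hop without TLS: confirm something else
            # (for example an SSL-terminating device) protects it.
            findings[name] = "insecure-transport-allowed"
        elif binding.find("httpsTransport") is not None:
            findings[name] = "ok"
        else:
            # Transport-token security over plain HTTP with no opt-out flag:
            # the shape the exception quoted in the question describes.
            findings[name] = "no-secure-transport"
    return findings

if __name__ == "__main__":
    for name, finding in audit_custom_bindings(SAMPLE_CONFIG).items():
        print(f"{name}: {finding}")
```
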

Licensed under: CC-BY-SA with attribution