Question

I've been developing a SharePoint Server 2010 site, which uses Forms Based Authentication. As part of my custom login script, I used the following C# code:

System.IdentityModel.Tokens.SecurityToken token = SPSecurityContext.SecurityTokenForFormsAuthentication(new Uri(SPContext.Current.Web.Url), Membership.Providers["FBAMembershipProvider"].Name, Roles.Providers["FBARoleProvider"].Name, FBAUserName, FBAPassword);
SPFederationAuthenticationModule.Current.SetPrincipalAndWriteSessionToken(token);

On my dev server it works just fine, creating the appropriate token and allowing a user to be logged in with FBA.

However, I'm now transferring all my code to a new SharePoint Server 2010 server, and the code above isn't working. The first line returns a token with a null value.

Can anyone help me understand why?

In the back of my mind I'm thinking that I need to install something on the new server, but I can't for the life of me remember what it is. Something like ADSF, or similar acronym. I checked the Control Panel > Programs and Features on the old server, but couldn't see anything that might be relevant.

Any ideas?

[update] Following Anders Rask's request for the ULS logs, I think I found the cause of my issue. Now I need to find the solution (I think I've seen this before).

10/18/2011 22:07:24.65  w3wp.exe (0x0968)                           0x0758  SharePoint Foundation           Claims Authentication           0000    Unexpected  Password check on 'mytest@email.com' generated exception: 'System.Configuration.Provider.ProviderException: You must specify a non-autogenerated machine key to store passwords in the encrypted format. Either specify a different passwordFormat, or change the machineKey configuration to use a non-autogenerated decryption key.     at System.Web.Security.MembershipProvider.EncryptPassword(Byte[] password)     at System.Web.Security.MembershipProvider.EncodePassword(String pass, Int32 passwordFormat, String salt)     at System.Web.Security.SqlMembershipProvider.CheckPassword(String username, String password, Boolean updateLastLoginActivityDate, Boolean failIfNotApproved, String& salt, Int32& passwordFormat)     at System.Web.Security.SqlMembershipProvider.ValidateUser(String username, Str...    
10/18/2011 22:07:24.65* w3wp.exe (0x0968)                           0x0758  SharePoint Foundation           Claims Authentication           0000    Unexpected  ...ing password)     at Microsoft.SharePoint.IdentityModel.SPFormsUserNameSecurityTokenHandler.ValidateToken(SecurityToken token)'.  
10/18/2011 22:07:24.65  w3wp.exe (0x0968)                           0x0758  SharePoint Foundation           Claims Authentication           fo1t    Monitorable SPSecurityTokenService.Issue() failed: System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security token username and password could not be validated. (Fault Detail is equal to Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The security token username and password could not be validated.).   
10/18/2011 22:07:24.66  w3wp.exe (0x0E00)                           0x11DC  SharePoint Foundation           Claims Authentication           fsq7    High        Request for security token failed with exception: System.ServiceModel.FaultException: The security token username and password could not be validated.     at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.ReadResponse(Message response)     at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr)     at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst)     at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo)  4acf80d8-9c59-457f-a859-60f8a9af6d46
10/18/2011 22:07:24.66  w3wp.exe (0x0E00)                           0x11DC  SharePoint Foundation           Claims Authentication           8306    Critical    An exception occurred when trying to issue security token: The security token username and password could not be validated..    4acf80d8-9c59-457f-a859-60f8a9af6d46

Solution

Yeah, I have seen this before as well, and it has hit me in production as well ;-)

Are you using ProtectedData in .NET to encrypt passwords? http://msdn.microsoft.com/en-us/library/system.security.cryptography.protecteddata.unprotect.aspx

My guess is that you are seeing this now because your production environment is multi-server, and your development environment is single server. Encryption works fine with machine key as long as you are on a single server, but it breaks when you run on several servers.
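Added example, not part of the original answer or of SharePoint: a Python check for the condition named in the ULS error above (a membership provider with `passwordFormat="Encrypted"` while the `machineKey` decryption key is autogenerated) and for decryption keys that differ between servers. The server names `wfe1`/`wfe2`, the function names and the key values are hypothetical, constructed for the sample.

```python
import hashlib
import xml.etree.ElementTree as ET

def audit_web_config(xml_text):
    """Return (findings, decryption-key fingerprint) for one web.config."""
    root = ET.fromstring(xml_text)
    # Membership providers that store passwords reversibly encrypted.
    encrypted = [p.get("name", "?")
                 for p in root.iterfind(".//membership/providers/add")
                 if (p.get("passwordFormat") or "").lower() == "encrypted"]
    mk = root.find(".//machineKey")
    # A missing element or attribute means the ASP.NET default (autogenerated).
    key = (mk.get("decryptionKey") if mk is not None else None) or "AutoGenerate"
    autogenerated = key.lower().startswith("autogenerate")
    findings = []
    if encrypted and autogenerated:
        findings.append("passwordFormat=Encrypted on %s but decryptionKey is "
                        "autogenerated" % ", ".join(encrypted))
    # Report a fingerprint, never the key itself.
    fp = None if autogenerated else hashlib.sha256(key.encode()).hexdigest()[:12]
    return findings, fp

def audit_farm(configs):
    """configs maps server name -> web.config text; returns report lines."""
    report, prints = [], {}
    for server, text in sorted(configs.items()):
        findings, prints[server] = audit_web_config(text)
        report += ["%s: %s" % (server, f) for f in findings]
    if len(set(prints.values())) > 1:
        report.append("decryptionKey differs across servers: %s"
                      % sorted(prints.items()))
    return report

# Constructed sample input: hypothetical servers, placeholder key material.
TEMPLATE = """<configuration><system.web>
  <machineKey decryptionKey="%s" validationKey="%s" />
  <membership><providers>
    <add name="FBAMembershipProvider" passwordFormat="Encrypted"
         type="System.Web.Security.SqlMembershipProvider" />
  </providers></membership>
</system.web></configuration>"""
AUTO = "AutoGenerate,IsolateApps"
SAMPLE = {"wfe1": TEMPLATE % ("A1" * 24, "B2" * 32),
          "wfe2": TEMPLATE % (AUTO, AUTO)}

if __name__ == "__main__":
    for line in audit_farm(SAMPLE):
        print(line)
```
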

License: CC-BY-SA with attribution
Not affiliated with sharepoint.stackexchange