I am trying to get the claims-based authentication to work with SharePoint Foundation 2010. I have followed several of the tutorials online and added my role and membership providers to the web.config of the applications as well as the STS web service. (I actually added the providers to machine.config but tried it both ways with the same results.) The exception that is thrown when trying to authenticate (or even just browse the service directly) is:
System.InvalidOperationException: An exception was thrown in a call to a policy export extension. Extension: System.ServiceModel.Channels.TransportSecurityBindingElement Error: Security policy export failed. The binding contains a TransportSecurityBindingElement but no transport binding element that implements ITransportTokenAssertionProvider. Policy export for such a binding is not supported. Make sure the transport binding element in the binding implements the ITransportTokenAssertionProvider interface.
Now, I am accessing the service over SSL but with a self-signed certificate (which throws up the standard warning in IE). There is supposed to be a flag in the section of the web service config called "allowInsecureTransport" but this is apparently only available in .NET 4. When I try to set the framework version on the app pool for this web service to use v4, the service will not even run at all.
If anyone out there has successfully configured a custom authentication provider (based on the SqlMembershipProvider) to work with SharePoint 2010, I would be very interested in how you managed to do it. I don't have a certificate for this server yet, but if that is truly all I am missing then I will order one today! Thanks.