Unable to login to SharePoint site with FBA
I was recently working on a case where the end users are unable to login to FBA site hitting the request on one of the WFEs in the farm.When credentials are provided , it keeps prompting for the credentials again and no error message is not displayed on the form . When hitting on another server in the same farm , the users are able to login to the site successfully with the username and password.
The ULS log did not help much , did not have much clue to work on. Later found an information from Event Viewer on the server where the users are not able to login.
It looked like the following
Event Type: Information
Event Source: ASP.NET 2.0.50727.0
Event Category: Web Event
Event ID: 1315
Date: <date>
Time: <time>
User: N/A
Computer: <computer name>
Description:
Event code: 4005 Event message: Forms authentication failed for the request. Reason: The ticket supplied was invalid. Event time: <date and time>
Event time (UTC): <event date and time>
Event ID: 013a6a5055e745508578017f8a13436a Event sequence: 22 Event occurrence: 18 Event detail code: 50201 Application information: Application domain: /LM/W3SVC/906638250/Root-1-128981093952300932 Trust level: Full Application Virtual Path: / Application Path: <path of the virtual directory> Machine name:<server name> Process information: Process ID: 3964 Process name: w3wp.exe Account name: <service account> Request information: Request URL: <URL> Request path: / User host address: <IP of the server> User: Is authenticated: False Authentication Type: Thread account name: <thread account name> Name to authenticate: Custom event details:
For more information, see Help and Support Center at https://go.microsoft.com/fwlink/events.asp.
As FBA always need the configurations on all servers same , the customizations even should look similar on all WFEs. When compared the binaries and virtual directories, ISAP etc on working and non working servers, I found them very similar.
Finally looking at the web.config file on both servers, it was understood that the machine validation key was the same and it was not created for the non working server rather copied from the working one.
<machineKey validationKey="F5E0D40A29743C963320948454F31B59A16807F5D0737A0D" decryptionKey="A2E3E75C10A7B72765D32CDA4DB707B74C11BAED08772C94" validation="SHA1" />
Generated a new Machinekey validation key and pasted in web.config file replacing the duplicate one.
Reset IIS
Cleared the cookie/browser cache/temp files from the client and opened the site in New IE.
To know more about Machine validation key :- visit