WIF Tracing \ Troubleshooting

By | November 2, 2015

I was having some issues today with a WS Federation implementation using a passive STS. I was logging onto the STS but when the browser redirected back to the client after a login, the client rejected the token and redirected me back to the STS again. There was no error message and after searching online for a bit i found a way that I could possibly debug the WIF process.

I found this trace for WIF which helped me to trace WS Federation issues as well. Once I saw the error “The issuer of the security token was not recognized by the IssuerNameRegistry” I immediately recognized it and knew what to do.

Add the following to the client web config.

<system.diagnostics>
<trace autoflush="true"/>
<sources>
<source name="System.IdentityModel" switchValue="All">
<listeners>
<add name="xml"
type="System.Diagnostics.XmlWriterTraceListener"
initializeData="F:\Websites\ClientWIFLog.xml" />
</listeners>
</source>

</sources>
</system.diagnostics>

It will produce a xml file that looks like this and from it, it should be easier to identify what is going on internally.

WIFTracing

Leave a Reply

avatar

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
Notify of