WIF Tracing \ Troubleshooting

By | Nov 2, 2015

I was having some issues today with a WS Federation implementation using a passive STS. I was logging onto the STS but when the browser redirected back to the client after a login, the client rejected the token and redirected me back to the STS again. There was no error message and after searching online for a bit i found a way that I could possibly debug the WIF process.

I found this trace for WIF which helped me to trace WS Federation issues as well. Once I saw the error “The issuer of the security token was not recognized by the IssuerNameRegistry” I immediately recognized it and knew what to do.

Add the following to the client web config.

<trace autoflush="true"/>
<source name="System.IdentityModel" switchValue="All">
<add name="xml"
initializeData="F:\Websites\ClientWIFLog.xml" />


It will produce a xml file that looks like this and from it, it should be easier to identify what is going on internally.


0 0 votes
Article Rating
Notify of

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Inline Feedbacks
View all comments