SharePoint 2010 SecurityTokenService error

1
votes

We have SharePoint 2010 in our testing environment, working a with a custom STS (federation , and all sites are claimsbased). When we try to login to the site, we are redirected to the sts login page, we put in the credentials, we are directed to siteurl/_trust and it stays here for a long time and it times out. In the windows application error, this is what we see: Exception type: TimeoutException Exception message: The HTTP request to 'http://localhost:32843/SecurityTokenServiceApplication/securitytoken.svc' has exceeded the allotted timeout of 00:00:59.9840000. The time allotted to this operation may have been a portion of a longer timeout.

Another error reads:

An exception occurred when trying to issue security token: The request channel timed out while waiting for a reply after 00:00:59.9843751. Increase the timeout value passed to the call to Request or increase the SendTimeout value on the Binding. The time allotted to this operation may have been a portion of a longer timeout..

Any ideas?

2
sharepoint-2010claims-based-identity
Are all the components (WFE, app server, db, STS WCF service, etc.) on the same machine? Maybe you need to change the service reference from localhost to the server name where the service lives.Ola Ekdahl

2 Answers

0
votes

SecurityTokenService is a WCF service and you can set timeouts for the service just like for any other WCF service.

Speaking about SharePoint 2010. I have found that there are two folders in 14 hive folder: WebClients and WebServices. These folders contain SecurityToken subfolders.

To change timeouts you need to add the receiveTimeout and sendTimeout attributes into binding element to have something like this:

<binding name="spStsBinding" receiveTimeout="00:30:00" sendTimeout="00:30:00">
...
</binding>

I have done it for all bindings in both 14\WebClients\SecurityToken\client.config and 14\WebServices\SecurityToken\web.config files. The settings above set timeouts to 30 minutes.

To edit the service config files I have used a tool from VS 2008 shown on the following screenshot:

enter image description here

I hope it helps.

0
votes

The solution suggested by Antipod does work when SecurityTokenService is used by your application. However, it doesn't work when it's requested e.g. from Search Application. For example Core Results Search Web Part calls Search Service Application which calls Security Token Service.

In this case SPSecurityContext.SecurityTokenForContext method is called and it requests SecurityTokenService. In this case binding timeouts are not applied because SecurityTokenService WCF binding is initialized in following way:

s_CachedActAsStsBinding = new CustomBinding(bindingElementsInTopDownChannelStackOrder);

where bindingElementsInTopDownChannelStackOrder are taken from configuration in 14\WebClients folder but timeout parameters are not applied.

You can try solutions suggested here: http://www.eventid.net/display.asp?eventid=8306&eventno=10757&source=Microsoft-SharePoint%20Products-SharePoint%20Foundatio&phase=1 but unfortunately they didn't work for me.