Showing posts with label Prompting continuously for credential. Show all posts
Showing posts with label Prompting continuously for credential. Show all posts

Tuesday, August 19, 2014

Prompting continuously for credential after setting Alternate Access Mapping


I have created a web application in SharePoint & also set the “Alternate Access Mapping” for the web application like:



Zone

URL

Host Header in IIS

Default


sharepoint2010

Intranet

http://sharepoint2010.mydomain.com

sharepoint2010.mydomain.com

Internet



Custom



Extranet




When I login to http://www.mysharepoint2010.com, it allow me to login. But just after this login, I won’t be able to use my default url (http://sharepoint2010). It prompts me for credentials so many times & won’t allow me to login to the url http://sharepoint2010.

When I reset my iis then it allow me to login to http://sharepoint2010. But when again I login to http://www.mysharepoint2010.comand then again I want to use url http://sharepoint2010. It won’t allow me to use this url.

I have done some R & D and found that SharePoint uses Session-Based-Authentication and default claim token has 10 hours life time.

This cached token is used for all subsequent requests. So the end user will not really be able to access the site until next day.

You can see the default time by using this power shell command:



PS C:\Users\gaurav> $sts = Get-SPSecurityTokenServiceConfig


PS C:\Users\gaurav> $sts.WindowsTokenLifetime



Days              : 0

Hours             : 10

Minutes           : 0

Seconds           : 0

Milliseconds      : 0

Ticks             : 360000000000

TotalDays         : 0.416666666666667

TotalHours        : 10

TotalMinutes      : 600

TotalSeconds      : 36000

TotalMilliseconds : 36000000




PS C:\Users\gaurav> $sts.FormsTokenLifetime



Days              : 0

Hours             : 10

Minutes           : 0

Seconds           : 0

Milliseconds      : 0

Ticks             : 360000000000

TotalDays         : 0.416666666666667

TotalHours        : 10

TotalMinutes      : 600

TotalSeconds      : 36000

TotalMilliseconds : 36000000


When I set this 10 hours to 1 minute, It works for me. Now I can login to url http://www.mysharepoint2010.comand then I am able to use the default url http://sharepoint2010as well.

Here is the powershell command :



$sts = Get-SPSecurityTokenServiceConfig


$sts.WindowsTokenLifetime = (New-TimeSpan –minutes 1)


$sts.FormsTokenLifetime = (New-TimeSpan -minutes 1)


$sts.Update()

Iisreset


Here is output :



PS C:\Users\gaurav> $sts = Get-SPSecurityTokenServiceConfig


PS C:\Users\gaurav> $sts.WindowsTokenLifetime



Days              : 0

Hours             : 0

Minutes           : 1

Seconds           : 0

Milliseconds      : 0

Ticks             : 600000000

TotalDays         : 0.000694444444444444

TotalHours        : 0.0166666666666667

TotalMinutes      : 1

TotalSeconds      : 60

TotalMilliseconds : 60000




PS C:\Users\gaurav> $sts.FormsTokenLifetime



Days              : 0

Hours             : 0

Minutes           : 1

Seconds           : 0

Milliseconds      : 0

Ticks             : 600000000

TotalDays         : 0.000694444444444444

TotalHours        : 0.0166666666666667

TotalMinutes      : 1

TotalSeconds      : 60

TotalMilliseconds : 60000


Here I am setting 1 minute life for token.

SharePoint Framework client-side web part sample with Angular Elements

Greeting Web Part This web part is created with Angular Element. It has one element “ issharepoint ” which takes true if user is...