EventID 1315 Membership credential verification failed

andreasblueher · July 9, 2012, 12:26pm

Looking through my logs I found at least one of those log entrys for each user trying to/actually authenticating.

The error seems to appear even if the login was successful, but I'm investigating a bunch of reports, where users where not able to login after all. Looking through my google results nothing came up, which would have helped. Checked all the fba settings, but since I can't reproduce the failed login, the error message is everything I can stick to at the moment.

Event code: 4006 
Event message: Membership credential verification failed. 
Event time: 7/8/2012 12:53:37 AM 
Event time (UTC): 7/7/2012 10:53:37 PM 
Event ID: c97aa3622d30422e8552883c4292361f 
Event sequence: 2416 
Event occurrence: 11 
Event detail code: 0 
 
Application information: 
    Application domain: /LM/W3SVC/1867074284/ROOT-1-129860944820252444 
    Trust level: WSS_Minimal 
    Application Virtual Path: / 
    Application Path: C:\inetpub\wwwroot\wss\VirtualDirectories\80\ 
    Machine name: ****
 
Process information: 
    Process ID: 3388 
    Process name: w3wp.exe 
    Account name: ****\svc_sp_****
 
Request information: 
    Request URL: https://****/webpartpages/accountrequest.aspx 
    Request path: /webpartpages/accountrequest.aspx 
    User host address: **** 
    User:  
    Is authenticated: False 
    Authentication Type:  
    Thread account name: ****\**** 
 
Name to authenticate: usernametoauthenticate
 
Custom event details:

ccoulson · July 9, 2012, 3:06pm

Do you mean you get this when you turn on 'Login Created User' option on the Membership Request web part? I tried reproducing this on my side and wasn't able to.

When I searched for the event in Google, there were suggestions that it could be caused by an invalid 'ApplicationName' value in your membership settings in your web.config - maybe check that. http://social.technet.microsoft.com/Forums/en-US/sharepointadmin/thread/99de60a4-1cd6-4f58-80a4-e913d5eace17/

Also, don't forget to check your membership settings in all web.configs - Central Admin, SecureTokenStore and your web apps - they should all be identical.

andreasblueher · July 9, 2012, 3:43pm

Hello ccoulson,

thanks for the fast reply. The option "Login Created User" is indeed activated, but I really have no clue what's causing this behavior. I've found the applicationname suggestion, but all my settings seemed to be correct in all web.config files.

In the end the user is able to login in an additional step, but I'm wondering. Since it's not working I could also disable it. I'll try to recreate the behavior with a fresh SharePoint and FBA Pack installation, but I'm starting to think, that I've caused this problem by myself.

ccoulson · July 9, 2012, 3:47pm

The only other thing I can think of to suggest is to make sure that 'Review Membership Requests' is turned off in the FBA Site Configuration. Login Created User will not work when Review Membership Requests is turned on.

andreasblueher · July 12, 2012, 8:51am

I got some new informations. I found those lines of code in the uls log and what happened was that a user tried to request an account using Firefox. After entering username, emailadresse, First and Lastname and the security code, he got an unknown error in return ``` 07/11/2012 12:15:29.65 w3wp.exe (0x1184) 0x1058 SharePoint Foundation Claims Authentication 0000 Unexpected Password check on 'email@email.de' generated exception: 'System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security token username and password could not be validated. (Fehlerdetail ist gleich Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The security token username and password could not be validated.).'. 07/11/2012 12:15:29.65 w3wp.exe (0x1184) 0x1058 SharePoint Foundation Claims Authentication fo1t Monitorable SPSecurityTokenService.Issue() failed: System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security token username and password could not be validated. (Fehlerdetail ist gleich Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The security token username and password could not be validated.). 07/11/2012 12:15:29.67 w3wp.exe (0x0E24) 0x1B2C SharePoint Foundation Claims Authentication fsq7 High Request for security token failed with exception: System.ServiceModel.FaultException: The security token username and password could not be validated. at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.ReadResponse(Message response) at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr) at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst) at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo) b7e2b81f-6fcc-452e-b897-70a8257d300d 07/11/2012 12:15:29.67 w3wp.exe (0x0E24) 0x1B2C SharePoint Foundation Claims Authentication 8306 Critical An exception occurred when trying to issue security token: The security token username and password could not be validated.. b7e2b81f-6fcc-452e-b897-70a8257d300d ``` This happened at the same time like the errormessage above and in the end the user was created in the server, but he hasn't been assigned to the default group. So his account exists, but it's not in SharePoint. I'm waiting for feedback if the email has been send out, but I don't think it happened. Edit: Review Membership Requests is not turned on

ccoulson · July 12, 2012, 1:01pm

It wouldn't be because of something like this, would it:

http://blogs.msdn.com/b/jorman/archive/2011/07/25/sha512-forms-authentication-in-sharepoint-2010.aspx

setting a different hashing algorithm?

andreasblueher · July 12, 2012, 1:49pm

I haven't changed the hashing algorithm, but I'm able to recreate the error message in both event and uls log. Although I couldn't believe it in the first place, it's caused by any user entering a wrong password.

So whenever you're using aspnetdb for you fba usermanagement and an user enters a wrong password, you end up having an errormessage each in event and uls log. I could reproduce the error on an other server, where your fba pack isn't installed at all.

I'm amazed by the fact, that it seems to be always the case, that a wrong user password adds error logs. Somehow I wasn't able to find other threads concerning this problem even give the fact that everybody else should the same problem with their login. Could you confirm this to me?

ccoulson · July 12, 2012, 2:05pm

I don't know why I wasn't able to reproduce the error before. I can now - I do get the same error on my side when entering a wrong password.

siddartha · September 20, 2020, 5:51am

Even I am also facing the same issue .We have upgraded to SharePoint 2013 and installed SP2013FBA pack and everything was done.
when I try to login I am getting the following message
Event Code : 4006
Event Message : Memebership Credentials verification failed
I checked machine key and everything looks good
Please help us where we did wrong?

ccoulson · September 21, 2020, 3:10am

My guess is that your membership config for the securetokenservice (which is what is used for authentication) doesn’t match the rest of the membership config (machine.config). See here: