General Info

- We have three Web Applications on a single SharePoint Farm.
- Each Web Application has its own FBA (SqlProvider) Database, ConnectionString, Membership and Role Providers with distinct names.
- Entries for all three pairs of Membership and Role Providers have been added to Central-Admin web.config as well as SecurityTokenServiceApplication web.config.
- FBA Users can be authenticated and log in to each individual Web Application Site Collection.
- User Profiles for all FBA users have been populated with email.
- People pickers work as expected for each Web Application.

Edit: Forgot to add that permissions to all three SQL Databases have been added to the Workflow service account and the farm account.

The Problem

Since the two extra Web Applications were added to the Farm, our SharePoint Designer List Workflows can no longer be started by any FBA user for either Web Application (the two new ones or the original one).

We get 401 errors before the workflow even starts (workflows with a single Log to History action for debugging never log anything).

We have checked FBA user permissions to the Associated List, Workflow History and Workflow Tasks lists; everything seems in order.

Browsing our ULS logs, it appears that the Workflow cannot find the FBA user.

Identity claims mapped to '0' user profiles. Claims: [nameid: 'fbauser', nii: 'forms:fbamembership', upn: 'fbauser', smtp: 'fbauser', sip: ''], User Profiles:

Retrying last request. Next attempt scheduled in less than one minute. Details of last request: HTTP Unauthorized to http://netbiosname:app_port/_vti_bin/client.svc/sp.utilities.utility.ResolvePrincipalInCurrentcontext(input=@ParamUser,scopes='15',sources='15',inputIsEmailOnly='false',addToUserInfoList='False')?%40ParamUser='i%3A0%23.f%7Cfbapmembership%7Cfbauser' Correlation Id: 30e7b058-2741-9ae4-bca1-301134457675 Instance Id: 87d9ee31-7217-4ab7-ba55-545ffb4d02ba RequestorId: 30e7b058-2741-9ae4-0000-000000000000. Details: An unhandled exception occurred during the execution of the workflow instance. Exception details: System.ApplicationException: HTTP 401 {"error_description":"The server was unable to process the request due to an internal error.

Is this configuration valid?

Do we have a way to implement a multi-tenant environment where each tenant is a Web Application on the same Farm and somehow have Workflow resolve the FBA user according to each App?
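
A check that can be run over ULS entries like the one quoted above, as an added example that is not part of the original post: it decodes the percent-encoded FBA claim in the ResolvePrincipalInCurrentContext URL and compares its membership provider name with the `nii` value logged in the same entry. The function names, the second sample entry and the case-insensitive comparison are assumptions made for the illustration.

```python
import re
from urllib.parse import unquote

# Claims-encoded FBA login: i:0#.f|<membership provider>|<user name>
FBA_CLAIM = re.compile(r"i:0#\.f\|([^|']+)\|([^|']+)")
# Identity provider logged by the profile lookup, e.g. nii: 'forms:fbamembership'
NII = re.compile(r"nii:\s*'forms:([^']+)'")

def check_entry(entry):
    """Return (nii_provider, claim_provider, user, match), or None when
    the entry does not contain both an nii value and an FBA claim."""
    nii = NII.search(entry)
    claim = FBA_CLAIM.search(unquote(entry))  # %7C -> |, %3A -> :, %23 -> #
    if not nii or not claim:
        return None
    nii_provider = nii.group(1)
    claim_provider, user = claim.groups()
    # Assumption: provider names are compared case-insensitively.
    match = nii_provider.lower() == claim_provider.lower()
    return nii_provider, claim_provider, user, match

def mismatches(entries):
    """Entries whose resolved claim names a different provider than nii."""
    found = []
    for entry in entries:
        result = check_entry(entry)
        if result and not result[3]:
            found.append(result[:3])
    return found

SAMPLE = [
    # Trimmed from the ULS entry quoted in the post.
    "Claims: [nameid: 'fbauser', nii: 'forms:fbamembership', upn: 'fbauser'] "
    "HTTP Unauthorized to .../ResolvePrincipalInCurrentcontext(...)"
    "?%40ParamUser='i%3A0%23.f%7Cfbapmembership%7Cfbauser'",
    # Constructed entry for a second web application (hypothetical names).
    "Claims: [nameid: 'alice', nii: 'forms:tenantb', upn: 'alice'] "
    "?%40ParamUser='i%3A0%23.f%7Ctenantb%7Calice'",
    # Constructed entry with no claim data; it is skipped.
    "Retrying last request. Next attempt scheduled in less than one minute.",
]

if __name__ == "__main__":
    for nii_provider, claim_provider, user in mismatches(SAMPLE):
        print(f"{user}: nii provider '{nii_provider}' != "
              f"claim provider '{claim_provider}'")
```

Entries it reports are ones where the provider in the resolved claim and the provider in the profile lookup differ as logged, which is worth comparing against the provider names registered in each web.config.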