SharePoint 2013 access denied error after successful login

Question

SharePoint is showing strange behavior that when I use my Custom login page which is using the credentials entered to get authenticated by my Custom Security Token service (Trusted Identity provider) for SharePoint. When my Identity provider sends a response to SharePoint, it redirects me to this URL

http://WebAppURL/_layouts/15/AccessDenied.aspx  

Which should not appear because my identity provider has authenticated it, I was messing around with things and then while doing that I changed my URL from the above mentioned to

http://WebAppURL/ (Got rid of _layouts/15/AccessDenied.aspx) 

It worked now whenever I log into my sharepoint webapp I first get this access denied page and then I have to change my URL, I get all the claims sent by my Identity provider.

Now If anyone out there can help me with this redirection issue? The realm I am giving while registering my IP-STS with SharePoint I append

http://webappURL/_trust/default.aspx 

and also tried

http://webappURL/_trust as well but no success.

Any help or suggestion is appreciated. Thank you.

Answer 1

In my case, I needed to update the permissions on the /_trust directory to include Everyone with Read permissions.

Answer 2

It turns out that permission to the site collection master page gallery had been removed. So even though the users had permissions to the master page gallery on the subsite, they were getting access denied errors on the subsite. We're not sure how the permissions on the site collection master page gallery were removed. or see if this helps here.