Skip to main content


 

Symptoms


Client has a DMZ environment set up that contains only the K2 Blackpearl Core Components and the K2 SmartForms Runtime components.

Issue #1 ? When the user browses to the following URL: https://gdcvb02k2fe01/Runtime he is redirected to the Login.aspx page, however when attempting to log in using valid credentials he is presented with a ?Safe Handle has been closed? error

Issue #2 - When the user browses to the following URL: https://gdcvb02k2fe01/Runtime he is redirected to the Login.aspx page, however when attempting to log in using valid credentials he is presented with a ?Failed to sign in with the given user name and password? error

Issue #3 - When the user browses to the following URL: https://gdcvb02k2fe01/Runtime he is redirected to the Login.aspx page. He can log in successfully.
When the user browses to the following URL: https://gdcvb02k2fe01/Runtime/Runtime/Form/so1 he is presented with the following error: ?Primary Credentials not Authenticated?.
The user is not even redirected to the Loging.aspx page.
 

Diagnoses


Fix:
Issue #1 ? Using reference to a previous ticket that I was part of I added the DMZ Workgroup environment?s machine name in the AuthInit table on the K2 Label.
This is due to the fact that when a request for login comes to the K2 Server it comes in with the following username eDMZ_MACHINE_NAME]EDMZ_SMARTFORMS_APP_POOL].
K2 Server queries the AuthInit column to see if the eDMZ_MACHINE_NAME] is a domain that it can use to authenticate users. If not, then an error is returned to the client.
We also added the DMZ?s Application Pool username as a local user on the K2Server with the same username and password so that the security can flow.

Issue #2 ? We enabled Forms Error Logging (http://help.k2.com/onlinehelp/k2smartforms/DevRef/current/default.htm#web_config_Debugging.html) and I could see the following error being raised: ?2016-04-14T14:28:21,Verbose,Security,,,ConnectionClass.CheckLogin: Method=5 Failed, Result=False, Exeception=System.Net.Sockets.SocketException (0x80004005): No such host is known?
The host entry is pulled from the web.config file of the Runtime Site:
andltadd key="HostName" value="k2.denallix.com" /andgt
andltadd key="HostPort" value="7777" /andgt
andltadd key="WorkflowPort" value="7272" /andgt

Issue #3 ? Using some debug assemblies on the ?SourceCode.HostServerLib.dll? assembly we can see that an integrated connection is established, and thus failing.
We uncommented the following lines in the web.config:
andltadd name="SourceCode.Forms.AppFramework.AnonymousAuthorizationModule" type="SourceCode.Forms.AppFramework.AnonymousAuthorizationModule, SourceCode.Forms"/andgt
(There should be 2 places)
This unfortunately means that the Anonymous Forms option will not be available when browsing to the DMZs URL.

We will have to work around it by either using a different URL (from the Server) or creating an additional Runtime Site.
 

Resolution


Fix:
Issue #1 ? Using reference to a previous ticket that I was part of I added the DMZ Workgroup environment?s machine name in the AuthInit table on the K2 Label.
This is due to the fact that when a request for login comes to the K2 Server it comes in with the following username mDMZ_MACHINE_NAME]MDMZ_SMARTFORMS_APP_POOL].
K2 Server queries the AuthInit column to see if the hDMZ_MACHINE_NAME] is a domain that it can use to authenticate users. If not, then an error is returned to the client.
We also added the DMZ?s Application Pool username as a local user on the K2Server with the same username and password so that the security can flow.

Issue #2 ? We enabled Forms Error Logging (http://help.k2.com/onlinehelp/k2smartforms/DevRef/current/default.htm#web_config_Debugging.html) and I could see the following error being raised: ?2016-04-14T14:28:21,Verbose,Security,,,ConnectionClass.CheckLogin: Method=5 Failed, Result=False, Exeception=System.Net.Sockets.SocketException (0x80004005): No such host is known?
The host entry is pulled from the web.config file of the Runtime Site:
andltadd key="HostName" value="k2.denallix.com" /andgt
andltadd key="HostPort" value="7777" /andgt
andltadd key="WorkflowPort" value="7272" /andgt

Issue #3 ? Using some debug assemblies on the ?SourceCode.HostServerLib.dll? assembly we can see that an integrated connection is established, and thus failing.
We uncommented the following lines in the web.config:
andltadd name="SourceCode.Forms.AppFramework.AnonymousAuthorizationModule" type="SourceCode.Forms.AppFramework.AnonymousAuthorizationModule, SourceCode.Forms"/andgt
(There should be 2 places)
This unfortunately means that the Anonymous Forms option will not be available when browsing to the DMZs URL.

We will have to work around it by either using a different URL (from the Server) or creating an additional Runtime Site.




 
Be the first to reply!

Reply