K2 User needs Admin rights to start a workflow in test environment

Heres the scenario:

I have a C# .NET ascx control on a website on my local machine that starts a K2 workflow on another server. The code impersonates the logged in user to start the K2 Workflow using K2Con.ImpersonateUser((user login]);
this logged in user is given Start rights on this workflow in K2. i start the workflow with the call K2Con.StartProcessInstance(ProcessInstance);

While running locally, I have no issues.

********************************

I move the code to a test server, still pointing at the same K2 server. Now i get the error:

24408 from 10.1.x.xxx:xxx does not have rights to Start Process sWorkflowName]eProcessName].

only when i give the user Admin rights on this workflow is the user able to start the workflow.

Has anyone ever seen this?

Page 1 / 1

Sounds like you are going over a double hop. i.e. from client machine to web server to K2 server. You didn't get the error earlier because essentially you were doing a single hop. i.e. Dev machine to K2 server.

For proper passing of credentials across double hop scenarios, you need to configure Kerberos delegation. You can refer to the Getting Started guides for information on distributed setups.

Reply

View our Community Site Map

Reply

View our Community Site Map

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded