Symptoms
Viewflow is not working
Diagnoses
When I click on Viewflow from our worklist or from within a Smartform, it does not work. The Fiddler trace that is attached indicates that the browser is being redirected to the server on DLX:8080 instead of the DNS name of k2.denallix.com, which uses port 80.
See line 40 of the attached .saz file.
Please advise on how to fix this.
Resolution
The customer had updated the web application bindings, but it would seem the Issuer URL (a redirect) was still using the old configuration and as such was not accessible. To resolve the issue, we temporarily enabled "Windows Authentication" to access the "System" forms and update the Issuer URL. Afterward, we set it back to Forms Authentication and Anonymous Authentication with the redirect to the Identity Windows STS, and the Viewflow is now loading successfully.
The "Anonymous Authentication" IIS module is only used to redirect the users to the K2 Forms/STS authentication module; it does not allow unauthenticated user access, similar to:
http://forums.iis.net/t/1159935.aspx?forms authentication fails to redirect to login aspx
K2 Smartforms Forms based authentication is essentially a "Claims-Aware ASP.NET Application Using Forms-Based Authentication", similar to:
https://msdn.microsoft.com/en-us/library/hh291068(v=vs.110).aspx
I believe ASP.NET Forms Authentication technology does not send the password as clear-text but it encodes this information:
http://stackoverflow.com/questions/133106/how-secure-is-basic-forms-authentication-in-asp-net
To further secure this encoded data traffic between server, I believe best practice recommends using HTTPS.
Please also see the link below regarding the authentication flow with K2WindowsSTS, which essentially authenticates the user against the Active Directory store using Claims tokens, instead of the pre-4.6.7 release method (Windows NTLM/Kerberos).
http://help.k2.com/onlinehelp/k2smartforms/userguide/1.0.6/default.htm_Token Flow/Token Flow OAuth and Claims.htm?TocPath=Considerations|Authentication|Claims-based Authentication|_____4
Please see the KB article below, containing very detailed information regarding Forms/Claims based authentication:
http://help.k2.com/kb001688
*highly recommended
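
A way to spot the stale Issuer URL described in the Resolution from a captured redirect chain, as an added example that is not part of the original ticket or K2's own tooling. The host names come from the ticket; the hop list, the URL paths and the function names are constructed for illustration.

```python
from urllib.parse import urljoin, urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}
REDIRECT_CODES = {301, 302, 303, 307, 308}


def authority(url):
    """Normalise a URL to (scheme, host, port): lowercase host, default port filled in."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").lower()
    port = parts.port or DEFAULT_PORTS.get(scheme)
    return scheme, host, port


def stale_redirects(hops, allowed_bindings):
    """Return (hop_number, request_url, redirect_target) for every redirect
    whose target is not served by one of the current site bindings.

    hops: list of (request_url, status_code, location_header_or_None),
          e.g. transcribed from a proxy trace.
    allowed_bindings: base URLs the web application is bound to now.
    """
    allowed = {authority(b) for b in allowed_bindings}
    findings = []
    for number, (url, status, location) in enumerate(hops, start=1):
        if status not in REDIRECT_CODES or not location:
            continue
        # A Location header may be relative; resolve it against the request URL.
        target = urljoin(url, location)
        if authority(target) not in allowed:
            findings.append((number, url, target))
    return findings


# Constructed sample: paths are placeholders, hosts are the ones named in the ticket.
SAMPLE_HOPS = [
    ("http://k2.denallix.com/app/viewflow", 302, "/app/login"),
    ("http://k2.denallix.com/app/login", 302, "http://DLX:8080/sts/signin"),
    ("http://DLX:8080/sts/signin", 200, None),
]
CURRENT_BINDINGS = ["http://k2.denallix.com"]

if __name__ == "__main__":
    for number, url, target in stale_redirects(SAMPLE_HOPS, CURRENT_BINDINGS):
        print(f"hop {number}: {url} redirects to {target}, outside current bindings")
```

Any finding names the redirect whose target still reflects the old binding, which is the setting to correct (here, the Issuer URL).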