Claims Authentication - Internal Traffic Cookies Issues

Document created by nintexsupport Support on Dec 30, 2015
Version 1Show Document
  • View in full screen mode

 

Summary:

Claims authentication relies on cookies which are not supported by Nintex Workflow.  In this case you need to ensure that your farm uses machine-based or IP-based sessions rather than cookies for internal traffic

Product:

All Workflow Products

Symptom:

Relates to Authentication Errors with Web Services  Authentication Errors with Web Services

Cause:

Incorrectly set Internal Traffic Settings

Answer/Solution:

We recommend testing the web service first in a “Web request” action in Nintex Workflow. 
   Make sure you are using the X-FORMS_BASED_AUTH_ACCEPTED header with the Web Request action. This is required if you have a Claims Authorization environment. 
       
   Option 1
   Please try the using the X-FORMS_BASED_AUTH_ACCEPTED header with the “Web Request” action
      
   The web request action can use a header to tell it to not use ADFS. Header X-FORMS_BASED_AUTH_ACCEPTED set value to f will force Windows Authentication.  
       Depending on your environment please refer to this link for more detailed information about the header: http://msdn.microsoft.com/en-us/library/office/hh124553(v=office.14).aspx  
      
   If you are not using Mixed mode Authentication, please try:
        
   Option 2
   Extend the web application to have a separate URL that uses Windows or   regular forms-based authorization (refer to our tutorial here: https://community.nintex.com/docs/DOC-1216). This uses an Alternate Access Mapping (AAM) to enable a completely different URL for the web application that has separate authentication.  
      
   A Web Service can then be called on that URL that uses different authentication: 
   http://social.technet.microsoft.com/Forums/en-US/925e5f46-317f-46d3-bc55-c67f07eb2372/call-sharepoint-web-services-using-claimbased-authentication

Attachments

    Outcomes