Code Fix: Navigating to a K2 Application from any SharePoint list or library may result in a user being logged out

  • 16 February 2021
  • 0 replies
  • 9 views

Badge +9
 

Code Fix: Navigating to a K2 Application from any SharePoint list or library may result in a user being logged out

KB002532

PRODUCT
K2 Five 5.1
K2 Five (5.1) Fix Pack 7

 

Issue Description

When K2 Forms STS is enabled and your user token has expired, you may be logged out in the background and unable to access the K2 Application.

Resolution

  1. Ensure you have K2 Five (5.1) installed.
  2. Get the K2 Five (5.1) FP7 from Regional Support.
  3. Install the K2 Five (5.1) FP7 to apply the fix.
  4. It is recommended to refresh the browser cache.

Considerations

It is important that the lifetime of your token, i.e ADFS, FormsSTS, WindowsSTS, is never the same as the TokenExpiry value, including the default value of 1800. This will result in a constant sign-in/sign-out cycle, and will cause a “multiple login attempts detected” error. These values are stored in the web config files situated at the locations below:

  • C:Program Files (x86)K2 blackpearlK2 smartforms Designer
  • C:Program Files (x86)K2 blackpearlK2 smartforms Runtime
  • C:Program Files (x86)K2 blackpearlWebServicesIdentityStsForms
  • C:Program Files (x86)K2 blackpearlWebServicesIdentityStsWindows 

Note that the SessionTokenLifetime values are updated in the StsForms and StsWindows config files and the TokenExpiry values are updated in the K2 smartforms Designer and K2 smartforms Runtime web config files, so there are four files where they should not have the same value. 

When you experience this issue follow these steps:

  1. Add the following value to the K2 SmartForms Runtime web.config file under <appSettings>: 
    <add key="TokenExpiry" value="1800" /> 
  2. Restart the K2 Server.
  3. It is recommended to refresh the browser cache and perform an IISReset

This value is specified in seconds and is used as the minimum time a token needs to remain valid before K2 will re-authenticate. This could however prompt a user for credentials when accessing K2 forms. 

The minimum value recommendation is 600 seconds.

 

 


0 replies

Be the first to reply!

Reply