Security errors with asp.net form and K2 workitems and smartobjects

  • 29 October 2009
  • 5 replies
  • 2 views
Z
Badge +3

Hello,


I've developed an ASP.net web form that interacts with K2 in order to start new processes, update and edit datafields, along with creating and updating smartobjects. I have no issues with this calls while working under the debugger within visual studio. But when I publish the web app (to the same server/VPC) to IIS folder and hit the site. I get a 24408 error "K2:NT AUTHORITYNETWORK SERVICE does not have rights to start process". Or if I'm trying to load a process into the form, one that was created via VS debugger, I get a "Authentication required for session xxxxxx" error.


It's an all in one VPC win2k3. With only windows authentication set for the IIS site. The K2 connection string = "[;];Authentication=Windows" and SO string = "Host=<server>;Port=5555;Integrated=True;Authenticate=True;EncrypedPassword=False;IsPrimaryLogin=True;"


Anyone come across this before? Hopefully it is something obvious and I'm just overlooking something.


Thank you.


5 replies

T
Badge +10

First thing I'd check is that either integrated authentication is not enabled for the published webapp site or anonymous is enabled for the site. 


Because of that I suspect that instead of passing the Asp.net form user's account to K2 to verify the person has permissions to start the process its passing the application pool account that site is running under which I suspect is NT AuthorityNetwork Service.  Check the sites web.config and the Site permissions.

Z
Badge +3

anonymous is not checked, and integrated windows authentication is checked. Also, the web.config is set with authentication mode="Windows"

T
Badge +10

Is the <identity impersonate="true" /> also set in the web.config?


 

Z
Badge +3

No it's not set.

Z
Badge +3

<facepalm>

Reply


View our Community Site Map

Nintex Community Sitemap
Terms & ConditionsCookie settings