Symptoms
Cannot log in with ADFS to Smartforms.
Diagnoses
We have configured K2 to use ADFS for the authentication provider. The configuration initially worked. but it has stopped working now.
After the users chooses the ADFS authentication type a screen with the following error is presented before the users would be forward to the sts(adfs) page.
The following message appears:
Claim mapping configuration cannot be found for this claim. Claim information: Name='SVC-K2AdminLive', Issuer='http://sts.essentialenergy.com.au/adfs/services/trust', Original Issuer='http://sts.essentialenergy.com.au/adfs/services/trust'. Please ensure that you have configured the K2 server as specified in K2 Help: Installation and Configuration > Configuration > SharePoint > Claims-based Authentication. More Details at SourceCode.Hosting.Server.Runtime.HostSecurityManager.GetClaimsUserName(String tokenXml, ClaimsTokenType tokenType, ClaimsVersion claimsVersion) at SourceCode.Hosting.Server.Runtime.HostSecurityManager.AuthenticateIIdentitySession(String sessionCookie, String tokenXml, ClaimsTokenType tokenType, String connectionString, String authReqSource, ClaimsVersion claimsVersion)
Please contact Ken Watts on Phone: 02 6588 4632 email: ken.watts@essentialenergy.com.au to work on the issue
Resolution
Ran through various troublesh
I notice that on your Claim Type Mapping , your Claim Value is setup for a static credential
urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport.
Can you please change this to use the below schema value instead
http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/windows
See this link for more info
https://technet.microsoft.com/en-us/library/ff603841.aspxooting scenario's .
After this we had to recreate the Self Signed Cert and update the Thumbprint values . Finally Client found that there were permissions missing on the Certs themselves.
