Skip to main content
Nintex Community Menu Bar

Known Issue: Users can Access K2 Realms they are not Configured to Use

  • February 16, 2021
  • 0 replies
  • 23 views
  • Translate
MillaZ
Nintex Employee
Forum|alt.badge.img+21
  • MillaZNintex Employee
  • Nintex Employee
  • 671 replies
 

Known Issue: Users can Access K2 Realms they are not Configured to Use

KB002439

PRODUCT
K2 blackpearl

 

Issue

When you have users who log in to K2 from different providers, such as Windows users inside your network and external users who use Basic authentication with a username and password, configuring your realms may not prevent people from accessing both sites. This is By Design in the way K2 sites are configured, but you can update the web.config file to limit users to only the realms you specify.

 

This behavior only occurs if the hostname/base URL is the same for your designer and runtime sites, such as https://k2.denallix.com/designer and https://k2.denallix.com/runtime. If they are not the same, the cookie is not shared.

 

Workaround

You must edit the web.config files for the designer and runtime sites, and remove the path="/" setting of the cookieHandler key. You can find these files at <install drive>:Program Files or Program Files (x86)K2K2 smartforms Designer and K2 smartforms Runtime.

 

By default, the sites are configured as follows:

Image

 

Removing the path attribute forces the sites not to share cookies in the same path (by hostname), and your resulting cookieHandler key is as follows:

Image

 

 

 

Check out these Nintex University Learning paths: https://community.nintex.com/p/NintexUniversity
    Did this topic help you find an answer to your question?

    0 replies

    Be the first to reply!

    Reply


    Sidebar Buttons
    Nintex Community Home Contact Nintex Support Email Nintex Community Check Nintex Status
    Terms & ConditionsCookie Settings

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie Settings