Cannot authenticate users using WS-Federation after migrating to 11.2.4

Last Month
IvanH
Updates

Summary

Users cannot access the Work Portal using WS-Federation authentication type after upgrading to the 11.2.4 version.

Applies to

Bizagi Studio and Automation server 11.2.4

Symptoms

When you upgrade a project to 11.2.4 using WS- federation, the Work Portal stops working, and users cannot access it.

Cause

To keep compatibility with our cloud-based service, Automation Service, the updates to the 11.2.4 version does not change the Web.config file with the WS-federation configuration.

Solution

There are two possible solutions:

Solution 1

Before updating your project, change the authentication type to Bizagi. After you successfully update your project, configure the WS-federation authentication type again.

Solution 2

If you already upgraded your project to the 11.2.4 version, open the web.config file located in the following folder: C:\Bizagi\Projects\[Project_Name]\WebApplication

1.    Backup you web.config file

2.    Open the web.config file using a text editor

3.    Search the <configSections> section and delete the following lines:

<section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />

<section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />

4.    Search the <appSettings> section and delete the following lines:

<add key="FederationMetadataLocation" value="https://accountdev.eastus.cloudapp.azure.com/FederationMetadata/2007-06/FederationMetadata.xml" />

5.    Search the <system.web> section and delete the following lines:

<authentication mode="None" />

<authorization>

<deny users="?" />

</authorization>

6.    Search the <modules runAllManagedModulesForAllRequests="true"> section and delete the following lines:

<add name="WSFederationAuthenticationModule" type="BizAgi.Authentication.Authenticator.Federate.WebServerModules.BizagiFederationAuthenticationModule, BizAgi.Authentication" />

<add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />

7.    Search the <configuration> section and delete:

<system.identityModel configSource="FederationAuth.config" />

<system.identityModel.services>

<federationConfiguration>

<wsFederation passiveRedirectEnabled="true" issuer="https://{serverADFS}.eastus.cloudapp.azure.com/adfs/ls/" realm="https://{bizagiHost}/{bizagiProyecto}/" requireHttps="true" />

<cookieHandler requireSsl="false" />

</federationConfiguration>

</system.identityModel.services>

8.    Save the web.config files with all your changes, reset the application server and access the Work Portal again.

Rate this Article:

Details

Last Modified:Last Month
Last Modified By: CarolinaM
Type: ERROR
Level: Advanced
Rated 5 stars based on 1 vote
Article has been viewed 54 times.

Options