Answered

windows authentication issue

Hi,

I'm not able to get the windows authentication working in my environment, am running Bizagi [10.5.0.2039] 64 bit edition on Windows 2008 R2 standard server environment, on IIS v 7.

I get prompted a log on page asking to provide the user credentials instead of the IIS and client browser settings to avoid showing the log on page. On providing the credentials get the following error as shown in the attachment. Also attaching the web.config page and screen shot of the IIS settings and my browser settings.

One more point to note, the web.config file does not get updated if I change the authentication mode from Windows to Bizagi, although I get a message in the studio that it has been updated.

Any help, pointer to resolve this will be really helpful

Thanks,

Shekar

Best Answer
photo

Dear Shekar,

Using Windows Authentication in Bizagi will require that the user is already created in Bizagi, and that it is a user in the local or corporate domain.When not all of your users fall under this category, it is recommend to use Mixed authentication having both Windows and Bizagi authentication options. Through Windows authentication, the Work Portal delegates the authentication to the Windows machine on the client side (either using a corporate domain or a local domain at the machine). If Windows allows access and the user exists in Bizagi, login is succesful (passwords are not stored in Bizagi).

Additionally, you may use an enhanced option for this authentication which is to have Bizagi automatically take the Windows session credentials and avoid a login page for the end users (by default, the IIS site's configuration for a Bizagi work portal will show the login page).

Avoiding the login page

In order to bypass the login page when using Windows Authentication, the following 2 steps need to be accomplished: First, disabling anonymous access and enabling Windows authentication at the IIS Web site's configuration.

Finally, allowing security settings at the browser to send the credentials (intranet setting).This last step is required in each of the end users workstations due to the fact that default browser configuration is likely to show a prompt, in which Windows will require confirmation as to the credentials from the machine that are being sent.

For further information: windows_authenticationBest Regards

photo
0

Dear Shekar,

Using Windows Authentication in Bizagi will require that the user is already created in Bizagi, and that it is a user in the local or corporate domain.When not all of your users fall under this category, it is recommend to use Mixed authentication having both Windows and Bizagi authentication options. Through Windows authentication, the Work Portal delegates the authentication to the Windows machine on the client side (either using a corporate domain or a local domain at the machine). If Windows allows access and the user exists in Bizagi, login is succesful (passwords are not stored in Bizagi).

Additionally, you may use an enhanced option for this authentication which is to have Bizagi automatically take the Windows session credentials and avoid a login page for the end users (by default, the IIS site's configuration for a Bizagi work portal will show the login page).

Avoiding the login page

In order to bypass the login page when using Windows Authentication, the following 2 steps need to be accomplished: First, disabling anonymous access and enabling Windows authentication at the IIS Web site's configuration.

Finally, allowing security settings at the browser to send the credentials (intranet setting).This last step is required in each of the end users workstations due to the fact that default browser configuration is likely to show a prompt, in which Windows will require confirmation as to the credentials from the machine that are being sent.

For further information: windows_authenticationBest Regards

photo
0

Please note that I'v followed the article on windows authentication. I've done all the required settings in Bizagi studio, IIS serve and the client browser as well. The user is also present in Bizagi. Please refer to the screen shot in the attachment provided in the original post

Thanks

Shekar

photo
0

Dear Shekar,

Thank you for your feedback. Have you tried to restart you IIS with iisreset command? Also, have you tried other authentication options?

Thank you in advance

photo
0

I tried to reset the IIS and that didnt work either.

I also changed the setting to Bizagi authentication, created a new user in the Bizagi work portal using admon login and enabled the user. I'm able to login using this user and other users only if Enable Quick Login option is selected.

If I do not select the Enable Quick Login optin and have the authenication mode as Bizagi, I'm still not able to login using the new user that I created from the Bizagi work portal

Any pointers to this, guess it important to get th Bizagi authentication working first

Thanks

Shekar

photo
0

Dear Shekar,

When you create a user using the work portal, be sure to write a password because Bizagi creates a password. Please enter again into the created user and write a password, then save and try again. If you have set an email server, Bizagi will send the password for the new user to an email account.

Please,check out this article: http://help.bizagi.com/bpmsuite/en/index.html?users_administration.htm

Regards

photo
0

Dear Juan

I created the user using the admin option and set up a password of my choice, didnt set up the email account as the SMTP server was not configured.

Regards

Shekar

photo
0

Dear Shekar,

A member of our supported team contacted you to solve this question. Please let us know if you continue with the same question.

Best Regards