Code Fix: Using the K2 Workspace App on an AAD environment, task retrieval fails at random intervals.
KB003244
PRODUCTK2 Five 5.0
K2 Five (5.0) September 2018 Cumulative Update
K2 Five (5.0) September 2018 Cumulative Update Fix Pack 16
LEGACY/ARCHIVED CONTENT
This article has been archived, and/or refers to legacy products, components or features. The content in this article is offered "as is" and will no longer be updated. Archived content is provided for reference purposes only. This content does not infer that the product, component or feature is supported, or that the product, component or feature will continue to function as described herein.
Issue Description
When using the K2 Workspace App on an AAD environment, task retrieval fails at random intervals and an error is presented.
Error Message
The following error is presented: “Sorry something went wrong”
Resolution
- Ensure you have K2 Five (5.0) installed.
- Download and Install the K2 Five (5.0) September 2018 Cumulative Update from K2 Partner and Customer Portal.
- Download the K2 Five (5.0) September 2018 Cumulative Update FP16 from K2 Partner and Customer Portal.
- Install the K2 Five (5.0) September 2018 Cumulative Update FP16 to apply the fix.
- It is recommended to refresh the browser cache.
Considerations
For the fix to be applied correctly, please ensure that version 2.2.4 of the K2 Workspace App has been installed and follow the steps below.
After applying the K2 Five (5.0) September 2018 Cumulative Update FP16, the following changes need to be made to the web.config file under this location {K2InstallDir}WebServicesK2Api.
-
Update the config sections tag and add a location tag.
-
Also replace realm=”https://{smartFormsRuntimeServer}/Runtime/” in the wsFederation tag with the URL to your runtime.
<configSections>
<section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
</configSections>
<system.identityModel>
<identityConfiguration saveBootstrapContext="false">
<caches>
<sessionSecurityTokenCache type="SourceCode.Security.Claims.Web.WIFExtensions.DistributedSessionSecurityTokenCache, SourceCode.Security.Claims.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=16A2C5AAAA1B130D" />
</caches>
<issuerNameRegistry type="SourceCode.Security.Claims.Web.IssuerNameRegistry, SourceCode.Security.Claims.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=16a2c5aaaa1b130d" />
<certificateValidation certificateValidationMode="None" />
<audienceUris mode="Never" />
<securityTokenHandlers>
<remove type="System.IdentityModel.Services.Tokens.MachineKeySessionSecurityTokenHandler, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<remove type="System.IdentityModel.Tokens.SessionSecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<remove type="System.IdentityModel.Tokens.Saml2SecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<remove type="System.IdentityModel.Tokens.SamlSecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<add type="SourceCode.Security.Claims.Web.WIFExtensions.Saml2SecurityTokenHandler, SourceCode.Security.Claims.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=16A2C5AAAA1B130D" />
<add type="SourceCode.Security.Claims.Web.WIFExtensions.SamlSecurityTokenHandler, SourceCode.Security.Claims.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=16A2C5AAAA1B130D" />
<add type="SourceCode.Security.Claims.Web.WIFExtensions.DistributedSessionSecurityTokenHandler, SourceCode.Security.Claims.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=16A2C5AAAA1B130D" />
</securityTokenHandlers>
</identityConfiguration>
</system.identityModel>
<system.identityModel.services>
<federationConfiguration>
<cookieHandler requireSsl="false" path="/" />
<wsFederation requireHttps="true" passiveRedirectEnabled="false" issuer="https://localhost/sts/issue/wsfed" realm="https://{smartFormsRuntimeServer}/Runtime/" freshness="0" />
</federationConfiguration>
</system.identityModel.services>
<location path="fed">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
<section name="system.identityModel" type="System.IdentityModel.Configuration.SystemIdentityModelSection, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
<section name="system.identityModel.services" type="System.IdentityModel.Services.Configuration.SystemIdentityModelServicesSection, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=B77A5C561934E089" />
</configSections>
<system.identityModel>
<identityConfiguration saveBootstrapContext="false">
<caches>
<sessionSecurityTokenCache type="SourceCode.Security.Claims.Web.WIFExtensions.DistributedSessionSecurityTokenCache, SourceCode.Security.Claims.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=16A2C5AAAA1B130D" />
</caches>
<issuerNameRegistry type="SourceCode.Security.Claims.Web.IssuerNameRegistry, SourceCode.Security.Claims.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=16a2c5aaaa1b130d" />
<certificateValidation certificateValidationMode="None" />
<audienceUris mode="Never" />
<securityTokenHandlers>
<remove type="System.IdentityModel.Services.Tokens.MachineKeySessionSecurityTokenHandler, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<remove type="System.IdentityModel.Tokens.SessionSecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<remove type="System.IdentityModel.Tokens.Saml2SecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<remove type="System.IdentityModel.Tokens.SamlSecurityTokenHandler, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" />
<add type="SourceCode.Security.Claims.Web.WIFExtensions.Saml2SecurityTokenHandler, SourceCode.Security.Claims.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=16A2C5AAAA1B130D" />
<add type="SourceCode.Security.Claims.Web.WIFExtensions.SamlSecurityTokenHandler, SourceCode.Security.Claims.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=16A2C5AAAA1B130D" />
<add type="SourceCode.Security.Claims.Web.WIFExtensions.DistributedSessionSecurityTokenHandler, SourceCode.Security.Claims.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=16A2C5AAAA1B130D" />
</securityTokenHandlers>
</identityConfiguration>
</system.identityModel>
<system.identityModel.services>
<federationConfiguration>
<cookieHandler requireSsl="false" path="/" />
<wsFederation requireHttps="true" passiveRedirectEnabled="false" issuer="https://localhost/sts/issue/wsfed" realm="https://{smartFormsRuntimeServer}/Runtime/" freshness="0" />
</federationConfiguration>
</system.identityModel.services>
<location path="fed">
<system.web>
<authorization>
<deny users="?" />
</authorization>
</system.web>
</location>
- Then in the <system.web> tag replace the <authentication mode=”windows”/> tag and add an <authorization> tag.
<authentication mode="Forms">
<forms defaultUrl="Default.aspx" loginUrl="../Runtime/_trust/Login.aspx" requireSSL="false" enableCrossAppRedirects="true" cookieless="AutoDetect" timeout="9000" />
</authentication>
<authorization>
<!-- This is overridden for some folders, see location tags -->
<allow users="*" />
</authorization>
<forms defaultUrl="Default.aspx" loginUrl="../Runtime/_trust/Login.aspx" requireSSL="false" enableCrossAppRedirects="true" cookieless="AutoDetect" timeout="9000" />
</authentication>
<authorization>
<!-- This is overridden for some folders, see location tags -->
<allow users="*" />
</authorization>
- Also replace the <system.webServer><modules > with the following.
<modules runAllManagedModulesForAllRequests="true">
<remove name="WebDAVModule" />
<!-- WIF -->
<add name="WSFederationAuthenticationModule" type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
<add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
<!-- Claims Authentication module -->
<add name="ClaimsAuthenticationModule" type="SourceCode.Security.Claims.Web.ClaimsAuthenticationModule, SourceCode.Security.Claims.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=16A2C5AAAA1B130D" />
</modules>
<remove name="WebDAVModule" />
<!-- WIF -->
<add name="WSFederationAuthenticationModule" type="System.IdentityModel.Services.WSFederationAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
<add name="SessionAuthenticationModule" type="System.IdentityModel.Services.SessionAuthenticationModule, System.IdentityModel.Services, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089" preCondition="managedHandler" />
<!-- Claims Authentication module -->
<add name="ClaimsAuthenticationModule" type="SourceCode.Security.Claims.Web.ClaimsAuthenticationModule, SourceCode.Security.Claims.Web, Version=4.0.0.0, Culture=neutral, PublicKeyToken=16A2C5AAAA1B130D" />
</modules>
