Fabian Näf Posted June 21, 2017 Share Posted June 21, 2017 Hi I just updated to the new Build 8000 and I checked out all these new authentication options for mobile access. It's so nice that there are so many new options available (including SAML as well!). With my first test I just used "Active Directory Authentication" but I ran in an error, when I hit the "Login" button: Best regards, Fabian Link to comment Share on other sites More sharing options...
Fabian Näf Posted June 21, 2017 Author Share Posted June 21, 2017 Another Bug: When I use the "Office 365"-Theme, I can't see what I'm typing in the search field, because the text and the background are black. Link to comment Share on other sites More sharing options...
support Posted June 21, 2017 Share Posted June 21, 2017 Hi Fabian, For the AD error, can you please go to the screen Administration -> Passwordstate Administration -> System Settings -> Miscellaneous tab, and confirm the Base URL field here is correct for your Version 8 install. The mobile client communicates via the API for AD Authentication, and if this setting is wrong, it will not work. If this was the issue, can you also restart the site in IIS to pick up this value. For the Office 365 theme, these are supplied themes from Telerik (http://www.telerik.com/kendo-ui. We actually remove a lot more themes, as they were just not very nice at all. We may need to remove this one also, as what you've found is definitely an issues. Regards Click Studios Link to comment Share on other sites More sharing options...
support Posted June 21, 2017 Share Posted June 21, 2017 Hi Fabian, For the Office365 theme, can you tell us what browser/phone you are using. The theme is not black for us, and cannot reproduce this issue? Thanks very much. Regards Click Studios Link to comment Share on other sites More sharing options...
Fabian Näf Posted June 22, 2017 Author Share Posted June 22, 2017 Hi I tested this with my Samsung Note 3 with Chrome and also with Chrome-Browser on my PC. The search field contains the text "Search Passwords..." (or "Search Password Lists...") in gray with background in black. As soon as I start to type my search-text, the whole field is black like on the screenshot. Here's a screenshot: Download Screenshot Best regards, Fabian Link to comment Share on other sites More sharing options...
Fabian Näf Posted June 22, 2017 Author Share Posted June 22, 2017 I just checked out the Base URL under the System Settings. My Base URL is correct and it's specified with https: https://passwordstate.*****.com But I dont use a trusted certificate, propably this could have an impact. Best regards, Fabian Link to comment Share on other sites More sharing options...
Fabian Näf Posted June 22, 2017 Author Share Posted June 22, 2017 Hi There I just tried to open /winapi in my browser and I got the following error: Server Error in '/' Application. Configuration Error Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. Parser Error Message: It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS.Source Error: Source File: c:\inetpub\Passwordstate\winapi\web.config Line: 16 Show Additional Configuration Errors: Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.7.2053.0 ================================================================================ In Windows-Event Viewer I got the following error: Event code: 3008 Event message: A configuration error has occurred. Event time: 22.06.2017 19:32:57 Event time (UTC): 22.06.2017 17:32:57 Event ID: 33fa2040c3b44e3d9cb739a5831e499c Event sequence: 23299 Event occurrence: 5 Event detail code: 0 Application information: Application domain: /LM/W3SVC/2/ROOT-13-131425523658406834 Trust level: Full Application Virtual Path: / Application Path: c:\inetpub\Passwordstate\ Machine name: **** Process information: Process ID: 7028 Process name: w3wp.exe Account name: NT AUTHORITY\NETWORK SERVICE Exception information: Exception type: ConfigurationErrorsException Exception message: It is an error to use a section registered as allowDefinition='MachineToApplication' beyond application level. This error can be caused by a virtual directory not being configured as an application in IIS. (c:\inetpub\Passwordstate\winapi\web.config line 16) at System.Configuration.ConfigurationSchemaErrors.ThrowIfErrors(Boolean ignoreLocal) at System.Configuration.BaseConfigurationRecord.ThrowIfParseErrors(ConfigurationSchemaErrors schemaErrors) at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject) at System.Configuration.BaseConfigurationRecord.GetSection(String configKey) at System.Web.Configuration.RuntimeConfig.GetSectionObject(String sectionName) at System.Web.Configuration.RuntimeConfig.GetSection(String sectionName, Type type, ResultsIndex index) at System.Web.Configuration.RuntimeConfig.get_Identity() at System.Web.HttpContext.SetImpersonationEnabled() at System.Web.HttpApplication.AssignContext(HttpContext context) at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) Request information: Request URL: https://passwordstate.********.com:443/winapi/ Request path: /winapi/ User host address: 194.230.*****.70 User: Is authenticated: False Authentication Type: Thread account name: NT AUTHORITY\NETWORK SERVICE Thread information: Thread ID: 94 Thread account name: NT AUTHORITY\NETWORK SERVICE Is impersonating: False Stack trace: at System.Configuration.ConfigurationSchemaErrors.ThrowIfErrors(Boolean ignoreLocal) at System.Configuration.BaseConfigurationRecord.ThrowIfParseErrors(ConfigurationSchemaErrors schemaErrors) at System.Configuration.BaseConfigurationRecord.GetSectionRecursive(String configKey, Boolean getLkg, Boolean checkPermission, Boolean getRuntimeObject, Boolean requestIsHere, Object& result, Object& resultRuntimeObject) at System.Configuration.BaseConfigurationRecord.GetSection(String configKey) at System.Web.Configuration.RuntimeConfig.GetSectionObject(String sectionName) at System.Web.Configuration.RuntimeConfig.GetSection(String sectionName, Type type, ResultsIndex index) at System.Web.Configuration.RuntimeConfig.get_Identity() at System.Web.HttpContext.SetImpersonationEnabled() at System.Web.HttpApplication.AssignContext(HttpContext context) at System.Web.HttpRuntime.ProcessRequestNotificationPrivate(IIS7WorkerRequest wr, HttpContext context) Custom event details: ================================================================================ Then I opend my IIS Manager and I browsed to the WinAPI-Folder and I tried to open the Authentication properties. I got the following error, referenced to Line 16 Error: Configuration section not allowed to be set below application To resolve the issue I converted the Folder WinAPI in IIS Manager into an Application. All problems are solved now. When I access /WinAPI with my browser I get the manual. And Active Directory-Authentication with the Mobile Interface is also working perfect now!! Best regards, Fabian Link to comment Share on other sites More sharing options...
support Posted June 22, 2017 Share Posted June 22, 2017 Hi Fabian, Once the upgrade of version 8 was complete, it instructs you of what you need to do in order to use the new API - unfortunately we cannot do this problematically, because of the level of access required. New installs are fine though. If you go the the Help Menu, and User Manual, have a look at the KB Article titled 'Configure WinAPI After Version 8 Upgrade'. It sounds like you've done everything right, but can you double check? Thanks very much. Regards Click Studios Link to comment Share on other sites More sharing options...
Fabian Näf Posted June 23, 2017 Author Share Posted June 23, 2017 Hi Yes, your right, I remember this text after the upgrade... Quote New Windows Integrated API - If you are wanting to use the new Windows Integrated API, you will need to follow the KB Article titled 'Configure WinAPI After Version 8 Upgrade' which can be found in the Help -> User Manual menu I saved this text for doing this later, when I start to use the new API.... I was not aware, that using the Mobileinterface is related to this. Probably, everybody should follow the KB Article, not only the users, who are wanted to use the WinAPI. I just double checked the KB Article and I updated my configuration and created a new own AppPool for WinAPI (I was using the default "Passwordstate" App Pool). Thanks a lot!! Best regards, Fabian Link to comment Share on other sites More sharing options...
support Posted June 23, 2017 Share Posted June 23, 2017 Hi Fabian, The Mobile client does not use this new Windows Integrated API - only the older standard API with the URL of /api. Regards Click Studios Link to comment Share on other sites More sharing options...
Fabian Näf Posted June 23, 2017 Author Share Posted June 23, 2017 Hi Oh, I came to this, because you wrote: Quote The mobile client communicates via the API for AD Authentication Since I configured the WinAPI-Folder as Application Pool, AD Authentication on the Mobile Interface is working. Probably I changed something else, but I don't remember... Best regards, Fabian Link to comment Share on other sites More sharing options...
support Posted June 24, 2017 Share Posted June 24, 2017 Maybe it was that Base URL field I mentioned? We've have AD Authentication in version 7 as well, and sorry I should have mentioned this. Regards Click Studios Link to comment Share on other sites More sharing options...
Fabian Näf Posted June 24, 2017 Author Share Posted June 24, 2017 No I didn't change anything in the Base URL field. I'm not 100% sure if I did a iisreset after the upgrade. I directly tested the mobile interface after the upgrade to build 8000. Probalby this could be the reason, but I'm not sure. Anyway, now it's running perfect and I'm happy :-) Thanks a lot for your support! It's highly appreciated. Best regards, Fabian PS: I'll see if I find some time to test SAML authentication for the mobile interface in the next weeks. Link to comment Share on other sites More sharing options...
support Posted June 25, 2017 Share Posted June 25, 2017 Thanks very much Fabian With the SAML auth for mobile client, there are separate settings for this on the System Settings page, so your SAML provide can return you back to your mobile site URL, instead of your main site's URL. Regards Click Studios Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now