Authentication on OpenAccess Dashboards when SSO enabled

me1 · March 31, 2016, 7:30am

Hi,

We enabeled SSO/windows authentication yesterday. This morning i noticed that our wall monitors displayed a login box. These screens display a few squaredup open access dashboards, which with forms authentication just worked.

The computer running these screens is using firefox, adding squaredup url to the FF config makes the user authenticate.
No license are being used.

thedecembertist · March 31, 2016, 7:50am

Hi!

We encountered the same problem when we activated Windows Authentication, and the solution for us was to verify the authorization-rules in web.config. Try changing your web.config to resemble something similar to this (the most important rule to verify anonymous access to would be for the path “OpenAccess”):

  <location path="UserContentStorage">
    <system.web>
      <authorization>
        <deny users="*" />
      </authorization>
    </system.web>
  </location>
  <location path="OpenAccess">
    <system.web>
      <authorization>
        <allow users="?" />
      </authorization>
    </system.web>
  </location>
  <location path="Content">
    <system.web>
      <authorization>
        <allow users="?" />
        <allow users="*" />
      </authorization>
    </system.web>
  </location>
  <location path="Scripts">
    <system.web>
      <authorization>
        <allow users="?" />
        <allow users="*" />
      </authorization>
    </system.web>
  </location>

clarkd · May 9, 2016, 3:47pm

Have you checked whether you have anonymous authentication disabled on your Squared Up server? This needs to be enabled in order to bypass authentication. I disabled this as a test and received the same issue as you described above. You can check this via:

-> IIS

-> Squared Up application

-> Authentication

me1 · March 31, 2016, 7:55am

Thank you, i checked OA section, and it seems to be the same as yours,

thedecembertist · March 31, 2016, 8:48am

Do you allow anonymous to “Content” and “Scripts” as well? If you check what sources the browser access when you open a OA dashboard it should be all three folders.

me1 · April 4, 2016, 11:35am

Yep, this is my location config

me1 · May 10, 2016, 7:10am

I willl take a look. We’re back to forms at the moment, but are trying to switch to kerberos again shortly

anonymous · May 10, 2016, 8:23am

Whichever authentication you have enabled i.e. windows or forms make sure that you have anonymous enabled as well as this bypasses authentication for open access.