Article No.3259User-ManagementTroubleshooting - User authentication | Windows authentication with IIS
If Windows authentication now longer functions correctly as of Intrexx 19.03, you need to check the following configurations.
1. Portal service 2. web.xml 3. web.config 4. Restart the services 5. Activate Windows authentication in IIS
Requirements: Please note that the interaction between Intrexx an IIS as a reverse proxy has changed as of Intrexx 19.03, therefore the following points need to be taken into account when using IIS.
- IIS installation So that Intrexx and IIS can work together correctly, IIS must be prepared accordingly (ARR module, ASP.net, etc.). You can find a detailed guide for installing IIS in our Online Help at: https://onlinehelp.unitedplanet.com/intrexx/9200/en/index.html?p=helpfiles/help.2.vorbereitung.html#Multiple-portals-under-one-address
- Switching from integrated authentication to a custom authentication method Please note that when you switch from or to integrated authentication, Intrexx automatically adjusts the web.config and web.xml files. Therefore, this means that when you switch from integrated authentication to a custom authentication method, these files need to be readjusted.
Troubleshooting: 1. Portal service Is the portal service (Windows services) executed by a user who has permission for the domain?
2. web.xml Are the parameters in the XML set correctly? You should check whether the following parameters are set to “allow” (s. webxml.png):
In addition, the following filter, or rather its parameter, must be set to “true” (s. webxml2.png):
<filter> <filter-name>External Authentication Filter</filter-name> <filter-class>de.uplanet.lucy.server.connector.servlet.ExternalAuthenticationFilter</filter-class> <init-param> <description> This property is used to enable or disable the filter. IMPORTANT: For compatibility reasons the default value of this property is true for the External Authentication Filter. Values: true (default) or false. </description> <param-name>enabled</param-name> <param-value>true</param-value> </init-param>
3. web.config The “Windows” authentication mode must be enabled (by uncommenting the lines) (s. webconf.png):