We have Sharepoint 2013 single server farm and another one server with ADFS 2.0
Now configure sharepoint site with below steps:
Install ADFS 2.0
Configure ADFS with the web application as a relying party
Configure SharePoint Server 2013 to trust ADFS as an identity provider
Configure the web application to use claims-based authentication.
Demonstrate SAML-based claims authentication from SharePoint web application
and it will working fine with sharepoint.
Now we add one provider hosted app with this sharepoint site but we get some error.
1. When deploy from VS2012 it will give an error
"Error occurred in deployment step 'Install app for SharePoint': The System Account cannot perform this action."
second way we are upload app file into app catalog and try to add this app in to sharepoint site.
Error : “Application error when access /_layouts/15/appInv.aspx, Error=This App is not installed on this site. at Microsoft.SharePoint.Lifecycle.SprocWrappers.GetAppInstanceById(SqlSession dbSessionWrapper, Guid siteId, Guid webId, Guid instanceId, Int32 lcid) at Microsoft.SharePoint.Administration.SPAppCatalog.GetAppInstance(SPWeb web, Guid appInstanceId) at Microsoft.SharePoint.ApplicationPages.AppInvPage.SetControlStateUsingAppInstanceId(String appInstanceId) at Microsoft.SharePoint.ApplicationPages.AppInvPage.OnLoad(EventArgs e) at System.Web.UI.Control.LoadRecursive() at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)”
This issue may be due to claim base authentication in sharepoint 2013 site. because this app will working fine in windows base authenication sharepoint site.
I faced the same issue but I was not using ADFS. For me the solution was to use another account for installing the High Trust Provider-Hosted app. The server farm account should not be used for other services. Try using another account that has required permissions.
Related
I have a portal running using claim base authentication (windows and FBA) and enabled anonymous access , it was working fine until 19-06-2022 windows server 2016 ask for restart to install updates, after that the portal is still working only for anonymous access when try to login as FBA form login default page its just refresh without login, dont know why is that and can not login as FBA, also when try to login as windows authentication, its gives an error :
"System.ArgumentException: Exception of type
'System.ArgumentException' was thrown. Parameter name: encodedValue
at
Microsoft.SharePoint.Administration.Claims.SPClaimEncodingManager.DecodeClaimFromFormsSuffix(String
encodedValue) ......."
After check windows update history the updates related to sharepoint is :
Security Update for Microsoft SharePoint Foundation 2013 (KB5002219)
Security Update for Microsoft SharePoint Enterprise Server 2013
(KB5002062)
those two updates are released in JUNE 14, 2022.
tried many old solutions all over the net and not fixed
tried to crate new empty web application with enable Windows and FBA authentication also not fixed the issue.
but web application works fine when disable FBA and just enable Windows authentication.
Any suggestion !?
Are you accessing your site via HTTPS/SSL? If not, that is probably the problem. Chrome made some changes to it's cookie handling a while ago, and when SharePoint released updates to handle them it broke the ability to login via FBA without SSL. All of the latest SharePoint updates require the site to be hosted with SSL for FBA login to work.
Thank you for reading my question.
I'am trying to implement Azure AD B2C in Sitecore 9.0.2 version that being said i have used a sample code from Git Hub which implemented ADB2C using ASP.NET MVC. I created a feature project in Sitecore added all the files needed,built the solution and deployed it to Sitecore web root, resolved dll conflicts but still seeing one issue:
Sitecore have an older version of "System.IdentityModel.Tokens.Jwt" dll with class "System.IdentityModel.Tokens.JwtSecurityTokenHandler" which is no longer available in Version=5.2.1.0
Any help/guidance here to resolve this issue or is there any sample implementation available in Sitecore with Azure AD B2C.
Note: i'am not looking for Federated Authentication (Azure Active Directory) Azure AD
enter image description here
Steps to create Azure AD B2C :
Login to Portal.azure.com and create a New Tenant (working directory
with subscription)
Link your Subscription
Create/Register an Application (Client)
Create Client Secret, User Flows, Custom policies reference
Create an MVC application which can generate Azure Login Url reference
Deploy your code to sitecore root & browse the site.
Open Issues : Users need to be created in Sitecore manually even after having Virtual User creation in place.
I've being trying to fix this problem for a week without luck. I am trying to access a sharepoint application hosted on azure that has the option "Log in with Azure Active Directory" enabled on azure .The app works perfect in sharepoint withouth that option in azure, what am I doing wrong?
Also, consider that my app uses the rights Web amd User Profiles as "read", stated on AppManifes.xml. Like I said, the app works well when the "Log in with Azure Active Directory" option is not enabled.
I am using FBA authentication model into one of SP WebApplications in our SP 2013 farm to give users outside the AD, accessibility to one of SPSite so they can access the lists & Libraries and run sharepoint apps ..
for that I installed & configured the components necessary to enable & manage the FBA users easily by following the steps in the great article made by Sean Earp
Configuring SharePoint 2013 Forms-Based Authentication with SQLMemberShipProvider
Now I am able to acess my SPsite using FBA users and see the Libraries & Apps inside the SharePoint site. and when I try to access one of the provider-hosted apps, the request redirected to the remote web using the FBA account correctly, but I didn't have any access to web-app or host-app from the remote website.
Is there any restriction to access sharepoint-hosted apps using FBA authentication model in SharePoint 2013.
You need to made some entry in your remote IIS site's web.config file.
Check below link. It might be helpful for you
http://www.sharepointpals.com/post/How-to-create-a-Provider-Hosted-Application-on-Form-Based-Authentication-WebApplication-in-SharePoint-2013
There is a Sharepoint 2013 installation which uses ADFS for authentication with the internal domain controller. The need is to write a console app/android app which can browse to a folder and then upload a document into sharepoint server. The problem I am facing is how to authenticate because the SAML 2.0 ECP profile which is required for non-browser based SAML authentication is not supported by ADFS. Is there any way in which the application can be written or is it not possible at all.
Check the code sample available here:
Remote Authentication in SharePoint Online Using the Client Object Model
The idea is to simulate a user browsing Sharepoint to retrieve the FedAuth authentication cookie, and then using this cookie in your app to perform other Sharepoint calls.