Tag Archives: K2 smartforms

Claims Auth with K2 Windows STS

There are times when you need to provided a dedicated login page to your K2 smartforms Forms or even embed the K2 smartforms Form into your custom ASP.NET website (iFrame). The main issue with these approaches is that K2 smartforms uses Claims Authentication with its K2 Windows STS and thus your users may need to log into your custom ASP.NET website, then log into K2 again, which is not a pretty solution.

This article will show you how to configure your ASP.NET website to authenticate against K2 Windows STS for a seamless login experience.

Note: This procedure is for integration with K2 Windows STS Issuer only. To integrate with K2 Forms STS requires additional work, which will be discussed in a future post.

Add Site Realm and Audience information to K2

  1. Log into K2 Designer and navigate to the Manage Site Realms Form. (All Items > System > Management > Security > Forms > Manage Site Realms)

    140-manage_site_realms
    Path to Manage Site Realms Form
  2. Run the Form.

    140-Run_Form
    Run the Manage Site Realms Form
  3. Click on the New button under the Realms section.

    140-New_Realm
    Add a new Realm
  4. Fill in the URI, Reply URI and select K2 Windows STS for Linked Issuers. Click OK.
    140-New_Realm_Details
    New Realm details
      • URI: This is the IIS website URL for your ASP.NET Web Application. If it is a sub-site, e.g. K2/CustomSite, then you will need to include the full URL path e.g. http://k2blackpearl.somewhere.com/CustomSite/
      • Reply URI: This is the URL that will be called by K2 Issuer. If your site is the root IIS website, then pass in a “/”. If it’s a sub-site, e.g. K2/CustomSite, pass in the sub-site path will do. e.g. “/CustomSite/“.
      • Home Realm: No idea yet. This is something I’ll need to find out more.
      • Linked Issuers: We are authenticating with K2 Windows STS, so obvious choice to choose (=

    IMPORTANT: For both URI and Reply URI, the trailing forward-slash (/) is very important. In earlier versions of K2 blackpearl, the slash is assumed to be always present and thus will throw a “Index and length must refer to a location within the string.” error.

  5. Leave the K2 Designer open for now.

IIS Website Application Pool

Make sure your website’s Application Pool is running .NET Framework v4.0 and Managed Pipeline Mode = Integrated.

Visual Studio Web Application Configuration

Update Web Application’s Web.Config

Download and copy WindowsSTS_web.config to your website’s web.config file. Run through the following sub sections to update the config file.

Update WindowsSTS Thumbprint value
  1. Go back to K2 Designer, navigate to and run the Manager Issuers Form.  (All Items > System > Management > Security > Forms > Manage Issuers).

    140-manage_issuer
    Path to Manage Issuers Form
  2. On the Form, copy the Thumbprint value for K2 WindowsSTS record. The Use For Login value should be True here, since we are going to authenticate with it.

    140-manage_issuer_thumbprint
    Getting K2 WindowsSTS Thumbprint
  3. Open the web.config file updated earlier and change the thumbprint attribute value on the path configuration / system.identityModel / issuerNameRegistry / authorithy / keys / add.

    140-WindowsSTS_Thumbprint
    Updating WindowsSTS thumbprint value
  4. Save the web.config file. Leave the K2 Designer open. You will need to make use of this form again in the next section.
Update Federation Configuration

In the web.config file, go to the section configuration / system.identityModel.services / federationConfiguration.

If your K2 smartforms is configured for HTTPS protocol, you will need to update the requireSsl and requireHttps attributes to true.

140-SSL_Flags
SSL/HTTPS flags

Next, you will need to update the issuer, realm and reply attribute values and save the web.config file.

140-issuer_realm_reply
Issuer, Realm and Reply attributes

 

  • issuer: This is your K2 WindowsSTS issuer URL. Go back to your K2 Designer Manager Issuer Form that was opened earlier to copy the URL.

    140-Issuer_URL
    Edit this record to copy the URL easily
  • realm: This is the website URL used when you add the Realm to K2 in the earlier part of this article. In my example, my URL will be http://K2WindowsSTSLogin.domain.com/.
  • reply: This is the reply uri added earlier in this exercise. Important thing to note here is that the full URL is required. So meaning if it not replying to a sub-site, then the URL will be http://K2WindowsSTSLogin.domain.com/. If it is replying to the sub-site named “/site1”, then the URL will be http://K2WindowsSTSLogin.domain.com/site1/.

Note:

  • It is important that the trailing forward slash (/) is included for both the realm and reply attribute values. If not, you will get the error “Index and length must refer to a location within the string.” when your run the authentication later.
  • There should not be a trailing forward slash (/) for the issuer attribute value.
  • Since the authentication will be looking up the issuer, realm and reply URL, make sure that the web server machine is able to resolve the domain name or NetBios name.

Adding assembly references to your website

You will need to add the following assemble references to your website.

  • System.IdentityModelGAC
  • System.IdentityModel.ServicesGAC
  • SourceCode.Security.WebC:\Program Files (x86)\K2 blackpearl\Host Server\bin\SourceCode.Security.Web.dll
  • SourceCode.Security.Claims.Web –  C:\Program Files (x86)\K2 blackpearl\Host Server\bin\SourceCode.Security.Claims.Web

Add a Global.asax for your website

Download and copy the file content (Global.asax) to your global.asax.cs. This file contains the codes to manage Federation Authentication issues. It is not the perfect set, but solves most of my issues.

Add something to test

Now, to test that the Claims Authentication works and the federation token is recognized by K2, we need a test page.

In our test, let’s create a default.aspx WebForm and add a response.redirect method in the Page_Load method to go to your K2 Designer URL.

140-Page_Load_redirect
Default.aspx Page_Load method

Grand Finale – Testing Claims Auth with K2 Windows STS

Now, to run the test, publish your Web Application to IIS, open your web browser and navigate to your custom website. When the site loads, you will notice that it is redirected to your K2 WindowsSTS for authentication.

140-login-prompt
Redirect to K2 Windows STS for authentication

Go ahead to fill in the user name and password to login. You will notice that the authentication will be successfully and redirected to your reply uri. Your default.aspx page will be loaded and redirect to your K2 Designer site. There is no additional login at your K2 Designer site and it loads your credentials correctly!

140-K2_designer
K2 Designer logged in with your account credentials!

 

Have fun!

 

Troubleshooting

No connection could be made because target machine actively refuse it 127.0.0.1:5555

This error will occur when you have a distributed setup – blackpearl and smartforms server on different boxes.

Error on distributed setup.
Error on distributed setup.

To resolve this, make sure you have the HostName key in your ASP.NET web.config’s appSettings section. This key’s value should be your K2 blackpearl server/cluster’s FQDN.

140-hostnamefqdn
HostName key

Carry out an IIS reset and everything should work now.

K2 smartforms: CSS hack to rotate Data Label text

Do you want to have a section title that looks like this?

134-Outcome
Left rotated section title

If you do, this is the CSS hack/trick to make it happen:

  1. Add the following style to your selected Theme’s CSS file.
  2. Next, in your View or Form, add a Label and fill in the Text as “rotate-left”. Notice that this is the value of the title attribute of the style above.

    134-Label_property
    Set Label’s Text property to “rotate-left”
  3. Add a Data Label right after Label configured above. There’s no special settings for this control.

    134-DataLabel_after_Label
    Data Label right after the Label with “Title” = “rotate-left”
  4. Restart your IIS if required and test the Form and the Data Label‘s text will be rotated.

    134-Outcome
    Final Outcome

Checking for inactivity in K2 Smartform

This article covers the steps to get a timer going that checks for inactivity.

Inactivity is consider as no movement in the mouse or keyboard.


So here we have create a View and add a Data Label in it.

Step 1, adding a Data Label
Step 1, adding a Data Label

 

Next go to the rules designer and add a View Initialize Rule.

2. Adding a View Init Rule
Step 2. Adding a View Initialize Rule

Now configure this rule and do a “Transfer Data” action.

3. Adding Transfer Data Action
Step 3. Adding a Transfer Data Action

The javascript that does all the magic is found here, http://stackoverflow.com/questions/9564602/how-to-know-browser-idle-time

But for our case, we need to modify it a little, so to use my version download the script from the following link, http://pastebin.com/embed_js.php?i=FDkg3EML

4. Adding the script
Step 4. Copy the script into the rule

 

Finally, Save & Checkin and Test.

Step 5. Testing!
Step 5. Testing!

K2 smartforms: How does “Get confirmation from user” Action functions

A lot of times before a form submission, changes to important values, etc. “Initialize” actions, you will want to prompt the User to get their confirmation on their action like the following:

Some weird logic.. =)
Some weird logic.. =)

Well.. The above is just for illustration and by no means you should irritate your Users, no matter how you dislike them =)

The Action that allow us to prompt and get a confirmation from the User is the “Get a confirmation from user” Action, which can cheap mlb jerseys be found under the “Notifications” section:

Where is the Action?
“Get confirmation from user” smartforms: Action

Now, based on the explanation from the production site the “OK” and “Cancel” buttons function like this:

  1. If the “OK” button is clicked, it will process the subsequent Actions.

    62-ActionsAfterGetConfirmation
    Click “OK” and the highlighted cheap mlb jerseys section will be processed.
  2. If the “Cancel” button it clicked, it will stop processing subsequent Actions.

    62-ActionsAfterGetConfirmation
    Click “Cancel” and the highlighted section will NOT be processed.
  3. When the Action is used in a “If” to condition, clicking on the “OK” button will process the subsequent Actions. Click on the “Cancel” button will process the “Else” condition.

    62-ActionInCond
    How the Action reacts to “OK” and “Cancel” clicks

It is pretty straight cheap mlb jerseys forward for the above cases, but it is different if Nullam you configure it like the following:

62-FailCond
Wrong configuration

In the sample, message B or C will still be processed after the user clicks on “Cancel” button. This is correct by design, since the production documentation states that it will only stop execution of follow-up Actions. So, an “If” is not an Action and thus will be processed regardless of the button clicked.

To make the above sample work, you will need to wrap Mac the Action within a Condition like the following:

62-CorrectConfig
Correct configuration

This setup will ensure that when the User clicks on the “Cancel” button, the “Stop rule execution” Action is triggered and the rest of the Rule processing is aborted. If the User clicks on the “OK” button, the follow-up Actions and Conditions will be processed.

Now, what did I put in the “If an advanced condition is true” Condition?

62-advCond
To ensure this condition always run.

It is a 1 cheap mlb jerseys = 1 condition which will ensure that it will always execute and support our “Get confirmation from user” scenario.

Hope this helps!

K2 smartforms: View’s Expressions need “Initialize” Rule to start on Form load

When you Nouvelle add a View to a Form, wholesale nfl jerseys the Form will automatically inherit the Rules from the View and at the same time, automatically adds a “When [View] executed Initialize” Rule. This is regardless whether your View has this Rule at all.

Based on K2 smartforms Implementation Tips, you should “Refactor, clean and simplify Form and View Rules” to speed up development and runtime experience.

Now, this tip is only true if you do not need any Expressions on the View to be evaluated when the Form loads.

Let’s see why:

This is my sample View:

View Design
View Design

It has 2 Text Boxes, let us refer to the top Text Box as “Value A” and the bottom Text Box as “Value B”. Lastly, there is a “Addition Result” Data Label, Or which has the following Expression:

Addition Result Data Label's Expression
Addition Result Data Label’s Expression

When I test this View, I should see that the “Additional Result” gets evaluated correctly.

View in run time mode
View in run time wholesale nfl jerseys mode

Next, I proceed to add the View to a Form.

Form with the View added
Form with the View added

Going on to the Rules page now, I see that there is a “When the Form is Initializing” Rule added.

Form Rule(s)
Form cheap jerseys Rule(s)

In the rule, there is an Action running the View’s “Initialize” method.

The Initialize Action
The Initialize Action

But wait! I did not configure any Initialize Rule on my View earlier. So let’s remove it based on the best practice and view my Form in runtime URL.

Form run time. Note that the "Addition Result" did not evaluate.
Form run time. Note that the “Addition Result” did not evaluate.

Hmm… something is wrong. The “Addition Result” Data Label did not show any value. It Wylick should have, since it has the Expression configured and both “Value A” and “Value B” Text Boxes have values in them.

Updating the “Value A” to 2 kicks off the Expression evaluation and I get the value in “Addition Result”. This shows that the Expression works, just that it did not start evaluating when the Form loads.

After updating "Value A", the "Addition Result" is evaluated now
After updating “Value A”, the “Addition Result” is evaluated now

Now, of going back to my Form Rule designing page, I put back the Form Initialization Rule that calls on the View’s Initialize method that with I have deleted earlier. After checking in the Form, I try running the Form again.

It works now!

Expression working now!
Expression working now!

Great! Now we know God that View’s Expressions will only start running on Form load when the View’s Initialize method is called on. So, it does not mean that we should always remove View Initialize method on Form Rules when there isn’t any actions in it =)

K2 smartforms: How to Create a selectable group of Views

This article wholesale MLB jerseys shows you how to create a selectable Checkbox Views section like the following:

Section collapsed
Section collapsed

 

Section expanded
Section expanded after checking on the section header’s checkbox

 

  1.  Appending the following style to your form’s theme CSS files (Both Designer and Girls Runtime).
    If you are using the default Platinum theme, then your CSS file will be located at [Path to K2 blackpearl folder]\K2 SmartForms Runtime\Styles\Themes\Platinum.css and [K2 blackpearl folder]\K2 smartforms Designer\Styles\Themes\Platinum.css.

  2. Edit the Form. Add a Table control to the form. Set the column and rows to be 1 x 1.

    Add Table control
  3. Add a Label control into the table cell. This label needs to be the first control in the table cell.

    Add Label control into the table cell
    Add Label control into the table cell
  4. Add a Checkbox control into the table cheap jerseys cell, right after the zum Label control above. The CSS selector above will use this These combination of Table > Label + sibling Checkbox condition to apply the required stylings.

    17-Add_Checkbox
    Add Checkbox control after the Label control
  5. The section header is now ready. Add your Views after this header and apply your rules to hide/show the underlying views when the checkbox Montaditos is checked or cleared.
    Add wholesale NBA jerseys required child Views

    Apply Rules to hide/show Views on Checkbox is changed
    Apply Rules to hide/show Views on Checkbox is changed
  6. Save and test the form!

    Final output
    Final output

Note: You may need to execute an IIS reset to refresh a cached stylesheet.