Standard K2 Site Authentication

1. Open the Management site, and expand Authentication > Claims >Issuers.
   
2. Select the K2 Windows STS option and click Edit.

   

3. On the Edit Claim Issuer screen ensure the Use For Login is selected.

   

4. Click Realms in the navigation tree. In this example the SmartForms runtime realm is selected. Click Edit.

   

5. On the Edit Realm page, select the K2 Windows STS option and click OK.

   

6. When logging into a SmartForm at runtime, your credentials are automatically authenticated against the Security Provider and the form loads.

1. Open the Management site, and expand Authentication > Claims >Issuers.
2. Select the K2 Forms STS option and click Edit.

   

3. On the Edit Claim Issuer screen ensure the Use For Login is selected.

   

4. Click Realms in the navigation tree, In this example we will edit the SmartForms runtime realm, click Edit..

   

5. On the Edit Realm screen, select the K2 Forms STS option and click OK.

   

6. When logging into a SmartForm at runtime, you are redirected to the following login page. Enter your username and password and click LOGIN using FormsSTS that you just set up.
   
The look and feel of the Login page can be modified via the LogIn.cshtml file in the following folder: "%ProgramFiles%\K2\WebServices\Identity\Sts\WindowsorForms\Views\Account". When upgrading K2 all changes to the Login page will need to be reapplied as the page is overwritten.

Follow the steps below to change the security mechanism:

1. Open Internet Information Services (IIS).
2. Open the site where SmartForms has been installed.
3. Click on Explore in the Actions panel on the right.
4. Scroll down to the bottom until you find the web.config file.
   
   
5. Right-click the file and select Open With > Notepad.
6. Search for the following "<authentication mode".
7. Change the type to the required mode either windows or forms.
   
   
8. Save the file.
9. If Forms Authentication is selected, the following step is required:
   
   In the web.config file search for “windowsAuthentication enabled”. Change the windowsAuthentication enabled from “true” to “false”.
   
   
   
   The login screen will be activated every time the user logs into the site.

User Name

The identity can be specified in one of the following formats: “user name” Authenticates with and without the current domain against all security labels. “K2 label:user name” Authenticates with and without the current domain against the specified security label. “domain\user name” Authenticates with the specified domain against all specified security labels. “K2 label:domain\user name” Authenticates with the specified domain against the specified security label.

Password

Can include upper and lower case letters, numbers and symbols.

Troubleshooting Tip

When using Forms Authentication, the following error will appear if the webconfig windowsAuthentication setting is not changed to False.

Design Time/Runtime Permissions

No extra permissions are required for SmartForms to work. SmartForms uses product permissions and rights with regards to SmartObjects and Workflows.

However, rights can be set in IIS on the design time or runtime site level. The design time and runtime sites have different web.config files and each site can be set up to use its own type of security mechanism. This enables administrators to allow certain people to design SmartForms and other people to use SmartForms in runtime.

Follow the method mentioned above to set the authentication on the SmartForms sites in IIS. Alternatively, set the rights in the web.config files that can be located in the following locations:

Designer: "%ProgramFiles%\K2\K2 smartforms Designer\Web.config"
Runtime: "%ProgramFiles%\K2\K2 smartforms Runtime\Web.config"