|
|
Rank: Member
Joined: 11/23/2011
Posts: 3
Points: 9
|
Hi, i have following environment: SharePoint 2010 Mobile Entrée Farm Installation - v3.0.0.53 (Trial) Android 2.3.7 (CyanogenMod-7) Claimes Based Authentication: Windows (NTLM) + Forms Based Auth. (FBA) Currently it seems impossible to authenticate against SharePoint when using Claimes Based Auth. and ME. Basically any request results in a 403 Forbidden error. It doesn't work when using multiple methods (eg. NTLM,FBA), nor does it work when using a single method eg. (FBA). Surprisingly everything works like a charm without ME. Perhaps it has something to do with the way ME handles the redirects? ME: .../_layouts/meDefault.aspx?__p=%2f_login%2fdefault.aspx&__v=ReturnUrl%3d%252f_layouts%252fAuthenticate.aspx%253fSource%253d%25252F%26Source%3d%252f Default: .../_login/default.aspx?ReturnUrl=%2f_layouts%2fAuthenticate.aspx%3fSource%3d%252F&Source=%2F or perhaps this post is somehow related: http://tinyurl.com/8xfarkgBR, Guido
|
|
Rank: ME Staff
Joined: 1/12/2009
Posts: 279
Points: 408
Location: VA
|
Hi Guido, There are a couple of things you have to do to configure ME to work with FBA/CBA. If you look in this URL: .../_layouts/meDefault.aspx?__p=%2f_login%2fdefault.aspx&__v=ReturnUrl%3d%252f_layouts%252fAuthenticate.aspx%253fSource%253d%25252F%26Source%3d%252f You see a parameter __p equals "_login/default.aspx". You need to tell the ME HTTP Module to ignore this URL. This is done through a URL Exclusion filter defined in Central Administration. See this article: http://www.mobileentree.com/docs/Wiki%20Pages/HTTP%20Filters.aspx#HTTP$Filters Now, once you tell it to ignore "_login/default.aspx", it may still not work, but you can use the __p parameter to find out where SharePoint is trying to send the user and continue to add to the URL Exclude filter until it works. -joe
|
|
Rank: Member
Joined: 11/23/2011
Posts: 3
Points: 9
|
Hi Joe,
Thanks for your quick response.
I added "_login/default.aspx" to the URL Exclude Filter and indeed it still doesn't work. But moreover the __p parameter hasn't changed after applying the filter, still pointing to _login/default.aspx...
BR,
Guido
|
|
Rank: ME Staff
Joined: 1/12/2009
Posts: 279
Points: 408
Location: VA
|
Any time you make a change to the HTTP Filters, you need to reset IIS. Those values are cached on the WFE and wont refresh without the reset.
|
|
Rank: Member
Joined: 11/23/2011
Posts: 3
Points: 9
|
Sry Joe, I completely forgot about this. Now it finally works.
I needed to add the following strings to the filter:
_login/default.aspx
_layouts/mobile/mblmultilogin.aspx
_layouts/mobile/mbllogin.aspx
BR,
Guido
|
|
Rank: ME Staff
Joined: 1/12/2009
Posts: 279
Points: 408
Location: VA
|
Glad to hear it's working for you :)
|
|
Rank: Member
Joined: 1/30/2012
Posts: 3
Points: 9
|
Hi
I have the similar issue. Pretty much the same enviroment like guido
The difference is we have custome login page like "~/_layouts/my.Sharepoint.Authentication/Login.aspx"
If I mention my custom login page under Manage HTTP Filters >> URL Exclude Filter, Will it work?
Thi is what i have under URL Exclude filter by default...
_layouts/Authenticate.aspx|_layouts/login.aspx|_layouts/mysite.aspx|/meDefault.aspx|_layouts/DynamicImageProvider.aspx|_layouts/AccessDenied.aspx|_layouts/mobile/mbldenied.aspx|_layouts/PPSWebParts/.+|_layouts/meLocal.aspx|_layouts/meCacheManifest.aspx
|
|
Rank: ME Staff
Joined: 1/12/2009
Posts: 279
Points: 408
Location: VA
|
Hi,
Yes, you can simply add "Login.aspx" to the Exclude filter like so:
Login.aspx|_layouts/Authenticate.aspx|_layouts/login.aspx|_layouts...
Because this is doing a Regular Expression Match, you only need to use a uniquely identifiable part of your URL.
-joe
|
|
Rank: Member
Joined: 1/30/2012
Posts: 3
Points: 9
|
Thanks for your quick response Joe.
When I try put the url "~/_layouts/my.Sharepoint.Authentication/Login.aspx" in URL Exclude filter, Even after i do iisreset, i didn't see the value (its not saved), Any suggestions?
I can try to exclude "Login.aspx" alone, But I think it won't save as it does before...
I'm getting "403 Forbidden" error when i try from Safari (with User Agent iPhone/iPad)
In theory, it should ignore my custom login page(where we have option to use windows auth/FBA auth)and go to default sharepoint login page (where we allow FBA auth). Am I missing something?
|
|
Rank: ME Staff
Joined: 1/12/2009
Posts: 279
Points: 408
Location: VA
|
Your URL exclude filter should look like the following:
Login.aspx|_layouts/Authenticate.aspx|_layouts/login.aspx|_layouts/mysite.aspx|/meDefault.aspx|_layouts/DynamicImageProvider.aspx|_layouts/AccessDenied.aspx|_layouts/mobile/mbldenied.aspx|_layouts/PPSWebParts/.+|_layouts/meLocal.aspx|_layouts/meCacheManifest.aspx
As far as it not saving, this was a known issue on an older version. Can you check your version number under the Health Check section?
-joe
|
|
Rank: Member
Joined: 1/30/2012
Posts: 3
Points: 9
|
We have installed Mobile Entrée Farm Installation - v3.0.0.58.I downloaded trial and updated Enterprise license.
|
|
|
Guest |