You are viewing limited content. For full access, please sign in.

Question

Question

Social Bpm problem with authentication on internet.

Discussions Directory Server
Updated March 5, 2015
asked on March 4, 2015 Show version history

Hi, 

Someone here has the Social Bpm published on internet ? I have my IIS where my Social Bpm is installed published on internet but my Directory server no. So when any user tries to access Social BPM, the user get a error bacause the social bpm redirects to Directory server and it is not published on internet.

Any ideas to solve this problem without publishing the directory server on internet ?

 

Thanks!

0 0

Answer

SELECTED ANSWER
replied on March 5, 2015 Show version history

Are you using a self-signed certificate or did you purchase a certificate from a third party, like VeriSign or Go-Daddy?  If you are using a self-signed certificate, you must add the certificate to the trusted root on all machines that will be accessing the site to avoid getting these errors. If you have an IT department, talk to them about an efficient way to do this.

If you are using a purchased certificate, then you should not be receiving any errors. There may be an issue with the certificate, such as being expired. If you have confirmed that it is a valid certificate and are still receiving errors, please open a support case.

Edit: Note that if you are accessing Social BPM using https://localhost/SocialBPM rather than https://yourfullservername.yourdomain.com/SocialBPM  , you may get errors like "The security certificate presented by this website was issued for a different website's address. Try entering the fully qualified domain name when you visit the site.

2 0

Replies

replied on March 4, 2015 Show version history

Hi Allan.

You do not need to publish the Directory Server to the internet. You only need to publish the individual component of it called the WebSTS. This component serves to provide a login screen to use with the Directory Server hosted locally on the same machine. It does not expose any part of the Directory Server to the web other than the login call.

 

I should add though that I cannot guarantee that this particular setup works since it was not specifically designed for it... though I can't think offhand of any reason why it wouldn't work.

 

Edit: Sorry, totally slipped my mind that this won't work at the moment because Social BPM and Directory Server currently only support forms of LDAP and Active Directory or eDirectory users, so your users will not be able to authenticate over the internet. Stay tuned for ways of making this work in the future though. 

1 0
replied on March 5, 2015

Hey Flavio Kuperman!

Thanks for your answer ! Did you implemented the social pbm in any internal lan of any company ? Internally my social bpm works but the browser always accuses certificate errors, is there a way to avoid that error ? Did you have any ideas to guide me ? Well, I'll continue looking for a solution...

0 0
SELECTED ANSWER
replied on March 5, 2015 Show version history

Are you using a self-signed certificate or did you purchase a certificate from a third party, like VeriSign or Go-Daddy?  If you are using a self-signed certificate, you must add the certificate to the trusted root on all machines that will be accessing the site to avoid getting these errors. If you have an IT department, talk to them about an efficient way to do this.

If you are using a purchased certificate, then you should not be receiving any errors. There may be an issue with the certificate, such as being expired. If you have confirmed that it is a valid certificate and are still receiving errors, please open a support case.

Edit: Note that if you are accessing Social BPM using https://localhost/SocialBPM rather than https://yourfullservername.yourdomain.com/SocialBPM  , you may get errors like "The security certificate presented by this website was issued for a different website's address. Try entering the fully qualified domain name when you visit the site.

2 0
replied on March 5, 2015

Brianna Blanchard

Thanks a lot! I'll analyze all the information and give you a feedback!

0 0
replied on March 4, 2015

Raymond, 

The problem is:  IIS with directory server is not published on internet, when the user connects on social Bpm it redirects the user to Directory server wich is not published on internet so when it happens the directory server is not found bacause the reason described above, Directory server is visible only on internal Lan. I'm trying to make the social pbm find the directory server when the social bpm is accessed externaly without publishing the directory server on internet. 

socialBPM.png
socialBPM.png (359.95 KB)
Download
1 0
replied on March 4, 2015 Show version history

What message are they getting when they try to connect? Can you take a screenshot showing the full screen and attach it to this thread? 

We need the screenshot to be able to tell what you are running into since the description you gave us does not provide much detail.

0 0
replied on March 5, 2015

What message are they getting when they try to connect? Can you take a screenshot showing the full screen and attach it to this thread? 

No messages appear bacause any user that tries to access the social bpm externally (Internet) won't be able to be redirected to the Directory server, because it is not published on internet. A good solution would be if the social bpm make transparent logon and not redirect the user to directory server.

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Attachments
Related Posts
Loading ...