You are viewing limited content. For full access, please sign in.

Question

Question

Web Scanning via URL with LFDS

Web Client Directory Server Scanning
Updated March 13, 2019
asked on February 11, 2019

I'm attempting to follow the instructions for invoking scanning via a Web Client URL found in this document - https://support.laserfiche.com/resources/2716/url-linking-in-web-access

However this document is so old and I'm sure it is lacking info on using URL Links with LFDS because when I attempt to invoke scanning I get this error :

On my Web Access server in the event logs I see this:

Log Name:      Laserfiche-WebClient-Server/Operational
Source:        Laserfiche-WebClient-Server
Date:          2/11/2019 12:20:53 PM
Event ID:      1
Task Category: AdministrativeMessage
Level:         Information
Keywords:      Session0,Session1,Session2,Session3
User:          Service Account assigned to WebAccessAppPool
Computer:      webaccess server
Description:
The token XML does not appear to be valid.
Parameter name: tokenXml
Operation: /laserfiche/App_Services/ScanningService.asmx?repo=ITSD-TEST-DEV
  Message: Exception encountered, stack trace:
  Laserfiche.WebAccess.Common.Scanning.ScanningError.Create
  Laserfiche.WebAccess.Common.Scanning.ScanningResult.AddError
  Laserfiche.WebAccess.ScanningService.Negotiate
  System.RuntimeMethodHandle.InvokeMethod
Exception details:
  Message: The token XML does not appear to be valid.
Parameter name: tokenXml
  Stack trace:    at Laserfiche.SecurityTokenService.Ticket..ctor(String tokenXml)
   at Laserfiche.WebAccess.Common.ConnectionManager.AuthenticateSessionWithClaims(Session sess, RepositoryRegistration repoReg, ClaimsIdentity claimsId)
   at Laserfiche.WebAccess.Common.ConnectionManager.AutoLogon(String repoName, HttpContext context, Boolean forceLogin, WARepository waRepo)
   at Laserfiche.WebAccess.ScanningService.Negotiate(String repository, ScanningNegotiationProperties properties)

  Session: q1vxvww1

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Laserfiche-WebClient-Server" Guid="{E1931BBE-B561-55CE-776E-86D128B8CD81}" />
    <EventID>1</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>65533</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8000f00000000000</Keywords>
    <TimeCreated SystemTime="2019-02-11T19:20:53.575624200Z" />
    <EventRecordID>49623</EventRecordID>
    <Correlation />
    <Execution ProcessID="4136" ThreadID="5000" />
    <Channel>Laserfiche-WebClient-Server/Operational</Channel>
    <Computer>webaccess server</Computer>
    <Security UserID="S-1-5-21-690846887-1241392410-317593308-161258" />
  </System>
  <EventData>
    <Data Name="message">The token XML does not appear to be valid.
Parameter name: tokenXml
Operation: /laserfiche/App_Services/ScanningService.asmx?repo=ITSD-TEST-DEV
  Message: Exception encountered, stack trace:
  Laserfiche.WebAccess.Common.Scanning.ScanningError.Create
  Laserfiche.WebAccess.Common.Scanning.ScanningResult.AddError
  Laserfiche.WebAccess.ScanningService.Negotiate
  System.RuntimeMethodHandle.InvokeMethod
Exception details:
  Message: The token XML does not appear to be valid.
Parameter name: tokenXml
  Stack trace:    at Laserfiche.SecurityTokenService.Ticket..ctor(String tokenXml)
   at Laserfiche.WebAccess.Common.ConnectionManager.AuthenticateSessionWithClaims(Session sess, RepositoryRegistration repoReg, ClaimsIdentity claimsId)
   at Laserfiche.WebAccess.Common.ConnectionManager.AutoLogon(String repoName, HttpContext context, Boolean forceLogin, WARepository waRepo)
   at Laserfiche.WebAccess.ScanningService.Negotiate(String repository, ScanningNegotiationProperties properties)

  Session: q1vxvww1
</Data>
  </EventData>
</Event>

 

It was suggested to me at Empower to turn off the option in the Web Client configuration to only sign in with SSO and I have done that but continue to see this error.

0 0

Replies

replied on February 27, 2019

For reference for anyone else experiencing the issue, the root cause was that 'auto-login with Windows Authentication' was enabled alongside LFDS SSO authentication. These two authentication types are inherently incompatible in ASP.NET applications like Web Client and will break session-sharing in plugins like Laserfiche Web Scanning and Laserfiche Office Plugin.

1 0
replied on March 1, 2019

Hey Ryan,

 

Does that mean that this function can only be used with repository user authentication?

 

Regards,

0 0
replied on March 7, 2019

@ryanschooley do you ever see an opportunity where this could be addressed so that we could start Web Scanning via a URL?   Having to have the users sign in to scan is inconvenient.

0 0
replied on March 13, 2019 Show version history

Drew- no, you can use it with 'auto login with Windows Authentication' and no LFDS SSO. Or you can use LFDS SSO without automatic Windows Login. You just can't use both authentication options together as they're incompatible. 

 

Craig- it's fundamental incompatibility in the underlying technologies the Web Client uses. If you use LFDS SSO w/out automatic Windows authentication, users should authenticate through scanning fine. Likewise if you use auto-login with Windows Authentication without LFDS SSO enabled. 

 

It's worth pointing out that enabling auto-login with Windows Authentication while LFDS SSO is enabled doesn't accomplish/add anything feature-wise, as auto-login requires a setting that's forced off when LFDS SSO is enabled. 

2 0
replied on February 14, 2019

Hi Clark, 

 

I'm getting an error as well when launching scanning via URL against a Web Client that's configured for LFDS signin even when 'Use SSO Only' is unchecked. However, it's a different error than the one you reported, so I'm hesitant to say it's the same issue. 

 

I'd advise asking your solution provider to open a case with Laserfiche Support. In the case ticket, link our Support team back to this answers there. I also recommend including:

1. a video reproducing the issue

2. a copy of the event logs

3. a fiddler trace taken while reproducing the issue

 

Once we have this information, we can better troubleshoot the exact cause of your issue, and whether it's related to what we're seeing internally. 

 

Thanks for reporting this!

0 0
replied on February 15, 2019

Ryan,

I duplicated the issue and captured it on video - our VAR should already have a ticket open on this.  I sent the requested files to them to attach to the incident.

Thanks

Craig

0 0
replied on February 18, 2019

Hi Craig, 

 

I found the case and I'm looking into it.

 

Thanks ,

 

Ryan

0 0
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...