MarkView SSO Servers Having Access to usermgmt Pages
Issue
In the Administration Guide Volume 2, under the Single Sign On (SSO) configuration section, there is a note that reads:
The SSO system should allow all MarkView servers to have access to the .../usermgmt/rpc/* URL address for inter-apps communication.
MarkView 10.3 Admin Guide Vol. 2
MarkView 10.2 Admin Guide Vol 2
There are some questions on this:
1) What is this for?
2) How is it done? Does Kofax have documentation for specific SSO solutions to do this?
3) Is there a way to test that this is done properly?
Solution
Answers to the questions are as follows:
1) Certain processes, such as the Kofax Export Connector (MVImportAPIConfig), have no way to log in to a Single Sign On solution but still need to log in to MarkView. The Single Sign On solution must therefore allow access to these pages so that the login is performed by MarkView rather than by the SSO.
When this is NOT in place you will get 401 and 500 errors in batches after trying to export them.
You will also see errors similar to the error below in the mvdtm.log:
2022-09-19 14:11:27,634 [/mvasbcg/barcode] DEBUG org.springframework.security.web.authentication.www.BasicAuthenticationFilter:170 - Basic Authentication Authorization header found for user 'ADMIN'
2022-09-19 14:11:27,647 [/mvasbcg/barcode] ERROR com.markview.security.ui.XssFilter:73 - Error thrown while handling request.
org.springframework.remoting.RemoteConnectFailureException: Cannot connect to Hessian remote service at [http://server:port/usermgmt/rpc/UserAuthenticationService]; nested exception is com.caucho.hessian.client.HessianConnectionException: 401: weblogic.net.http.HttpUnauthorizedException: Server Authentication Required
at org.springframework.remoting.caucho.HessianClientInterceptor.convertHessianAccessException(HessianClientInterceptor.java:289)
at org.springframework.remoting.caucho.HessianClientInterceptor.invoke(HessianClientInterceptor.java:257)
at org.springframework.aop.framework.Reflective
2) We don't have specific documentation on the third-party SSO solutions that can be used. You will need to consult the documentation of the SSO provider you are using to determine how to configure this.
3) To test this:
- Open a browser
- Ensure you are NOT logged into your SSO solution
- Go to the following URL:
http://server:port/usermgmt/rpc/UserAuthenticationService
where "server" is the server name for MarkView and "port" is the port that MarkView runs on.
You should see a message such as:
HessianServiceExporter only supports POST requests
If, however, you are redirected to your Single Sign On login page, the communication is NOT open.
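The browser test in step 3 can be scripted so that it can be repeated from each MarkView server. The following is an added example, not Kofax code: it sends one GET with no cookies or credentials, does not follow redirects, and classifies the response using the message and the 401 shown in this article. The function names are hypothetical and `server:port` is the article's placeholder.

```python
import sys
import urllib.error
import urllib.request

# Message the article says an open endpoint shows for a browser GET.
HESSIAN_MARKER = "HessianServiceExporter only supports POST requests"
REDIRECTS = {301, 302, 303, 307, 308}


class NoRedirect(urllib.request.HTTPRedirectHandler):
    """Stop urllib from following the SSO redirect so it can be reported."""
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def classify(status, location, body):
    """Map one HTTP response to 'open', 'blocked' or 'unknown'."""
    if HESSIAN_MARKER in body:
        return "open"        # the request reached MarkView itself
    if status in REDIRECTS:
        return "blocked"     # bounced to a login page (see Location)
    if status == 401:
        return "blocked"     # same 401 as in the mvdtm.log excerpt
    return "unknown"         # e.g. a login form served in place; inspect by hand


def probe(url, timeout=10):
    """GET url without cookies or credentials; return (verdict, status, location)."""
    opener = urllib.request.build_opener(NoRedirect)
    try:
        with opener.open(url, timeout=timeout) as resp:
            status, headers, raw = resp.status, resp.headers, resp.read(4096)
    except urllib.error.HTTPError as err:   # unfollowed 3xx, 4xx and 5xx land here
        status, headers, raw = err.code, err.headers, err.read(4096)
    location = headers.get("Location")
    body = raw.decode("utf-8", "replace")
    return classify(status, location, body), status, location


if __name__ == "__main__":
    # Usage: python check_usermgmt.py http://server:port/usermgmt/rpc/UserAuthenticationService
    verdict, status, location = probe(sys.argv[1])
    print(f"{verdict}: HTTP {status}" + (f" -> {location}" if location else ""))
    sys.exit(0 if verdict == "open" else 1)
```

Run it from a host that holds no SSO session, as in the browser steps; an "unknown" verdict means the response matched neither pattern from this article and should be checked manually.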
Level of Complexity
Moderate
Applies to
Product | Version | Build | Environment | Hardware |
---|---|---|---|---|
MarkView for Oracle | 9.1+ | | | |
Article # 3049875