Skip to main content

Kofax TotalAgility - Windows authentication has failed for the current user

Applies to:  

Kofax TotalAgility v7.7 and above
Split Web and App - both configured to use HTTPS communication

Summary of Issue  

In KTA v7.7, on the Application Server, we no longer have the option to switch to HTTPS using the Config Utility,
Typically it is not necessarily to use HTTPS communication between web and application server but we can configure this manually

If we have manually configured our Application Server to allow HTTPS between the App and (SSL) Web server,
We then attempt to use the api UserService.LogOnWithWindowsAuthentication or UserService.LogOnWithWindowsAuthentication2 and get the following error:



One cause of this issue is that the Application Server's CustomBinding_CoreService  in the web.config is configured with an 'Anonymous' Authentication Scheme,
This means that the call to the App server from the Web server will be anonymous, thus passing no UserName and therefore the User cannot be logged in via Windows Authentication


Ensure that the CustomBinding_CoreService in the web.config on both the Application and Web servers are configured as follows:

<binding name="CustomBinding_CoreService" openTimeout="00:10:00" closeTimeout="00:10:00" sendTimeout="00:10:00" receiveTimeout="00:10:00">
            <readerQuotas maxDepth="2147483647" maxStringContentLength="2147483647" maxArrayLength="2147483647" maxBytesPerRead="2147483647" maxNameTableCharCount="2147483647" />
              <httpTransport authenticationScheme="Negotiate" for http with windows authentication
              <httpsTransport authenticationScheme="Anonymous" for https with None authentication              

          <httpsTransport authenticationScheme="Negotiate" allowCookies="true" maxBufferSize="2147483647" maxReceivedMessageSize="2147483647" maxBufferPoolSize="524288" />

Restart IIS after making any changes