Verifying the web configuration files for Report Manager web services (H5 and WCF)

This section contains the different verification processes for the settings of SSO configuration files for Report Manager web services. The users must set the correct key values in the web configuration files to avoid any errors.

Verify the values in Identity Configuration node

Solution: Ensure that the identityConfiguration node in the web.config file for H5 contains the correct values.

  • audienceUris () should have the URN address of Report Manager. Note that it must begin with urn: followed by the DNS address of the Report Manager server without https://.

    For example: urn:m3rm-dev.m3.awsdev.infor.com

  • The thumbprint must not include any hidden ASCII characters. The hidden characters are usually located at the start of the string. To search and remove any hidden character, write the thumbprint manually or use a text editor.

See this identity configuration sample:

<identityConfiguration>
      <audienceUris>
        <add value="<REPORTMANAGER_URN_SERVERADDRESS> " />
      </audienceUris>
      <issuerNameRegistry type="System.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
        <trustedIssuers>
          <add thumbprint="<THUMBPRINT>" name="InforMingle" />
        </trustedIssuers>
      </issuerNameRegistry>
      <certificateValidation certificateValidationMode="None" />
</identityConfiguration>

Verify the values in the Federation Configuration node

Solution: Ensure that the federationConfiguration node in the web.config file for H5 contains the correct values. Verify these key values:
  • The issuer address should be the identity provider of the server address, for example, https://m12test-sso.auto.aws.infor.com/idp/prp.wsf.
  • The realm address should be the URN address of Report Manager and should be exactly the same with what was entered in the previous step for identity configuration. The address is customer- or environment-specific.
  • The reply should be the URL of Report Manager which includes https, for example, https://m3rm-dev.m3.awsdev.infor.com.

See this federation configuration sample:

<federationConfiguration>
   <cookieHandler requireSsl="true" />
   <wsFederation passiveRedirectEnabled="true" issuer="<ISSUERADDRESS>" realm="<REPORTMANAGER_URN_SERVERADDRESS>" reply="<REPORTMANAGER_SERVER_ADDRESS>" requireHttps="true" />
</federationConfiguration>

Verify the values for H5 Application Settings

Solution: Ensure that the appSettings node in the web.config file for H5 contains the correct values. Verify these key values:
  • ApiHost should be the DNS address for M3 Business Engine and must not include https://.
  • M3APIType must have the value M3restAPI.
  • The rest of the settings must be configured properly. claimType, LogicalId, and AAPserver can be set to localhost along with the WcfAddress.
    Note:  To set the values to localhost, the H5 installation must be on the same server as the AAP_MultiportServer_service.

See this application settings sample.

You can also access the GUI support for Application Settings in IIS.

<appSettings>
    <add key="a3ConnectorName" value="ACCURE_A3" />
    <add key="AAPport" value="4711" />
    <add key="AAPserver" value="localhost" />
    <add key="aapWebport" value="4712" />
    <add key="ApiHost" value="<M3_BE_DNS_ADDRESS>" />
    <add key="ApiPort" value="16305" />
    <add key="connectorName" value="M3" />
    <add key="folderName" value="AAP_SmartReports" />
    <add key="LogicalId" value="lid://infor.m3.M3APPSDEVMRM" />
    <add key="WcfAddress" value="https://localhost:444/arm.svc" />
    <add key="claimType" value="http://schemas.infor.com/claims/Identity2" />
    <add key="M3APIType" value="M3restAPI" />
</appSettings>

You must install a valid certificate on the machine for localhost and select it in the IIS bindings if you are using https instead of http.

Verify the values for WCF Application Settings

Solution: Ensure that the appSettings node in the web.config file for WCF contains the correct values.

  • M3APIType must be set to M3restAPI.
  • M3APIRESTPath must have the M3 Business Engine REST API endpoint, for example, https://m3ceappsdev.m3cedev.awsdev.infor.com:2443/m3api-rest/.
  • The values for certPath and certPassword should reflect the certificate for calling the M3 REST APIs.

See this application settings sample:

<appSettings>
    <add key="M3APIType" value="M3restAPI"/>
    <add key="M3APIRESTPath" value="<M3_REST_ENDPOINT>"/>
    <add key="certPath" value="<P12_CERTIFICATE_LOCATION >"/>
    <add key="certPassword" value="<P12_CERTIFICATE_PASSWORD>"/>
    <add key="oauthConsumerKey" value="xxxxx"/>
    <add key="secretKey" value="xxxx"/>
</appSettings>