Unable to connect to Clarity Studio while using SSO. The Clarity application has been setup to be used with SSO but Clarity Studio will not authenticate. Clarity Studio will accept server name input, however after you input your username and password you will receive an error message invalid user or password.
When connecting to Clarity Studio the user receives the following error:
An unexpected error occurred. See the stack trace for more information.
The service '/services/MetaDataService.svc' cannot be activated due to
an exception during compilation. The exception message is: The value
of the property 'authenticationScheme' cannot be parsed. The error is:
The enumeration value must be one of the following: None, Digest,
Negotiate, Ntlm, IntegratedWindowsAuthentication, Basic, Anonymous.
There were multiple causes to this issue:
1.) Anonymous Authentication was not set throughout the application
2.) SSO module in Clarity was turned on. This module is generally turned off and is not required even when the client is using their own SSO.
Diagnosing the problem
Ensure that you can connect to the metadataservice.svc site.
[servername]/services/metadataservice.svc and once it loads you are able to click on the link:
If the page returns the connection is successful.
If you are unable to connect to the page. Ensure that the authentication scheme is consistent throughout the website in IIS, as well as the bindings under the services folder as noted above.
In addition, there is an internal tool that we can use to debug/troubleshoot authentication with Clarity Studio. This will need to be a step that involves Support.
Resolving the problem
1,) The client is using anonymous authentication. When using anonymous authentication you need to ensure that anonymous is set throughout the application.
- Anonymous is set on the entire Clarity website in IIS
- Anonymous is also set for the bindings in web\services\web.config This is located under the <services> tags and the binding tag should be bindingname="BufferedZippedClarityAnon"
2.) In web\config.xml ensure that the generatessotoken="false". This will bypass the Clarity SSO module which should not be used. In this particular instance, the client is using their own SSO, so the Clarity SSO module needed to be turned off.