Skip to main content
Documentation & User Guides | FotoWare

Troubleshooting SSO

Use this checklist as a starting point when troubleshooting SSO.

What to check first

1. Verify that the protocol and port in the FotoWeb site settings are set correctly. (HTTP = Port 80, HTTPS = Port 443):

FotoWeb Site ID.PNG

2. If HTTPS is used, a trusted certificate must be used on the FotoWeb server. Ideally, certificates should be CA-signed. Self-signed certificates must be made trusted. Note that we advise against using self-signed certificates in production systems.

3. In the IIS Manager, go to the web site where FotoWeb is installed and verify in Bindings that the HTTPS binding (port 443) is bound to "All Unassigned" rather than to one specific IP address.

Note: After making changes in point 3 above, you may need to restart FotoWeb services.


1. Using the Windows Task Manager or Process Explorer, verify that BuiltinAuthenticationProvider.exe is running running without repeatedly restarting. If it is continually starting up and terminating, something is not right.

2. Make a note of the precise error messages you are seeing. It will be helpful if you can provide FotoWare Support with screenshots or video recordings of the behavior experienced.


Known issues with Windows authentication

Note: Windows Authentication is deprecated and has been superseded by SAML + ADFS.

1. Windows authentication does not work with the Apache (build-in) web server, only with IIS.

2. Windows authentication does not work on secondary FotoWeb sites

3. Windows authentication has issues with multiple domains and domain forests.