I Want to show User to see another error like error page
Related
Our application is a Spring Boot application and we have gotten a requirement to implement OAuth2 authorization with the IdentityServer3 as the provider.
However, with everything set up properly, we keep getting the error The client application is not known or is not authorized. when redirected to the login screen of the SSO system.
Using postman, we are able to access the login screen when clicking 'Get New Access Token'
Using AdvanceRestClient, we get the same error as our Spring Boot application.
Checking the log of these 2 tools, i found that on postman, the request will POST to the Access Token URL first, while on both Spring Boot security and the AdvanceRESTClient, it will generate a GET URI to the authorize URL.
Example of POSTMAN:
POST https://login.xxx.com.my/LoginHost/core/connect/token
Example of AdvanceRESTClient first request:
GET https://login.xxxx.com.my/LoginHost/core/connect/authorize?response_type=code&client_id=xxx.web&redirect_uri=https%3A%2F%2Fauth.advancedrestclient.com%2Foauth-popup.html&scope=openid%20email%20profile&state=XXX
This is confusing. Which behaviour is correct? And why is there a difference there?
Hope anyone can help with this. Thanks.
* UPDATE 1 *
POSTMAN settings:
AdvanceRESTClient:
After looking at the console logs of both client, it seems that the issue is caused by the redirect-url. After changing the redirect url on AdvancedRestClient to match with postman settings then it works.
Permission page
I'm trying to allow my app to work be able to allow users to login via LinkedIn, however i keep getting the 403 Forbidden Error as shown in the screenshot.
Hopefully someone can advise.
The error message clearly says that you do not have enough permission to use LinkedIn API. You need to request permissions from linkedin.
I am trying to integrate a Shibboleth IDPV3.4.1 with my SP which is a server called as ClearPass. I am using the Linux platform of the Shibboleth IDP. I configured the relyingparty.xml, attribute-filter.xml, attribute-resolver.xml,ldap.properties, and also the and uploaded the metadata to the /metadata/sp-metadata.xml also updating the metadata-providers.
I am trying to use the password authentication flow with LDAP, however the issue is that I never get the login page when I initiate the SAML transaction from my SP. I get an error saying "Web Login Service -Stale Request". I have attached the screenshot of the error
Stale Request
I attempt to do a resolver test using the
http://shib.nslab.com:8080/idp/profile/admin/resolvertest?requester=https://chandracppm.nslab.com/networkservices/saml2/sp&principal=chandu
requester "https://chandracppm.nslab.com/networkservices/saml2/sp"
principal "chandu"
attributes
0
name "sAMAccountName"
values
0 "chandu"
and I get the attributes from AD in return, which shows the connection to AD is working.
However the authentication page does not appear from the IDP when I try to access the resource in my SP, I only get the Stale request Error.
The error that I see in the logs/idp-process.log is as follows
2018-12-10 19:26:08,222 - 10.23.20.81 - ERROR [org.opensaml.profile.action.impl.DecodeMessage:73] - Profile Action DecodeMessage: Unable to decode incoming request
org.opensaml.messaging.decoder.MessageDecodingException: Shibboleth Authentication Request message did not contain the providerId query parameter.
at net.shibboleth.idp.saml.profile.impl.BaseIdPInitiatedSSORequestMessageDecoder.getEntityId(BaseIdPInitiatedSSORequestMessageDecoder.java:128)
2018-12-10 19:26:08,223 - 10.23.20.81 - WARN [org.opensaml.profile.action.impl.LogEvent:105] - A non-proceed event occurred while processing the request: UnableToDecode
2018-12-10 19:26:08,224 - 10.23.20.81 - DEBUG [org.opensaml.saml.common.profile.logic.DefaultLocalErrorPredicate:143] - No SAMLBindingContext or binding URI available, error must be handled locally
I am new to setting up Shibboleth IDP, not sure what I am missing.
Any inputs would be appreciated
Shibboleth fails to decode the message. This behavior is to be seen if the AuthnReq is being sent to POST endpoint instead of Redirect or vice versa or if any of both endpoints are not configured properly. On UI, the error you will notice for this is "StaleRequest". I got a similar error in idp-process.log file "org.opensaml.messaging.decoder.MessageDecodingException: This message decoder only supports the HTTP GET method". The issue is pertaining to incorrect or misconfigured endpoints.
I was able to get this working by installing an IDP docker image from here
https://docs.google.com/document/d/1qb5XTde1nulCdA_8QUei48CxDj0lQs7ShD622Ze_4II/edit
The authentication flow is working now
I am developing a RestTemplet where their is Authentication on Server.if some one try to access particular url than server open the default spring form to authenticate client. IT gives me a 404 error while passing a correct credential. IT is only happened when i try to access that URL from RestTemplet if I directly access the port of Server and try to access that particular URL than it works.
I've just inherited a Joomla site that I didn't create and now no one can login to the backend. Whenever I try to login in I get this...
500 - An error has occurred.
I already tried the suggested fix in this Question