I have React and Spring boot web application. My web application is in Windows server 2019. I generated a certificate for my webpage www.mypage.com and registered in IIS manager. When I go to my webpage there is a lock symbol and It is fine. But when I make a request to my backend rest api service. It gives me this error. ERR_CERT_COMMON_NAME_INVALID. I also followed the steps for spring boot certificates.
added certificate to under the resources folder.
http.port=8080
server.ssl.key-alias=mydomain
server.ssl.key-store-password=password
server.ssl.key-store=classpath:KeyStore.p12
server.ssl.key-store-type=PKCS12
When I make rest by using chrome with url. It gives NET::ERR_CERT_AUTHORITY_INVALID, when I clicked advance, and processed not secure. It shows the data.
I don't know what to do the fix the error.
Related
My team is rewriting an existing web application that has a react.js front-end and springboot backend. In addition, The original (legacy) app is written in java (tomcat 8 & struts) and that will continue to be used for some parts of the site until a later date when we will complete the rewrite. All 3 endpoints are on the same domain in the following format: react.js (mysite.mydomain.com), spring (mysiteapp.mydomain.com), and legacy (mysite.mydomain.com/old). All 3 apps are hosted on the same server, but the application urls all route through our F5, so nothing is pointing to localhost. We did this to use the same SSL certificate across the three apps. The new and legacy apps use the same database. We are trying to make cross app calls between the new and old app. When we make the cross app calls, we want the user session to be maintained between them without them having to log in twice. We have not been able to get this to work. In our latest attempt to authenticate the user to both apps simultaneously, we are using ajax to sign the user into legacy with the same credentials. We are getting the following error back from the legacy tomcat application: HTTP Status 403 Invalid CSRF token 'null' was found on the request parameter '_csrf' or header 'X-CSRF-TOKEN'. The server understood the request but refuses to authorize it. We are stumped at this point and out of ideas. Code can be provided on request, but we are looking for the best approach to how to implement this and not as much locked on this path described above.
I'm getting this error Error 400: redirect_uri_mismatch even after giving the proper redirect uri. You can check the images below for the reference. It works for my localhost but it shows this error for my server. My domain looks like https://xxx.topLevelDomain.com. I'm not able to find the possible cause of this issue after surfing most of the issues related to this error. Although, I guess the issue maybe because I'm using a subdomain here, but still not sure if its the issue.
Application info:
frontend is in react hosted on https://someTopLevelDomain.com
backend is in spring boot hosted on https://someSubdomain.someTopLevelDomain.com
Your application is sending from as http to a .com domain
In google developer console you have only one http domain listed and that is localhost
The redirect uri you are sending from must exactly match one that you have added in google cloud console.
To understand how to set up your redirect uri properly check Google OAuth2: How the fix redirect_uri_mismatch error. Part 2 server sided web applications.
where is the redirect uri comming from
Depending upon the programing language, the ide and the client library you may be using will define what redirect uri your application is calling from.
For example i know that visual studio likes to add random ports with C#. I cant tell you what is generating your redirect uri i can only tell you that
The following needs to be added to your google cloud console.
http://________.com/login/oauth2/code/Google
or you need to figuer out what is setting the host on your requests and set it to use https so that you can use the one that you have there now
https://________.com/login/oauth2/code/Google
I have a spring boot application integrated with Azure AD SAML login. I have followed this sample to achieve this. It works fine in localhost but on deployment to a prod url, it keeps giving below error
the redirect uri that I see in the authorization request URL starts with http. This is contradictory because Azure App Registration does not allow to configure any non https URLs and only exception is localhost.
In order to match URLs, I tried editing App Registration's manifest in Azure portal to make it http. Now, it seems URLs match but then I get below error:
I have also tried setting https URL both on azure portal and application.properties using "azure.activedirectory.redirect-uri-template" as mentioned in stack overflow post here but that also does not work.
I have also gone through this post but that also didn't help.
Any help would be much appreciated.
In order to solve the error of redirecting to https but the redirect_uri in request still starts with http, there are two similar issues:
1. The HTTPS requests terminate at the proxy and the proxy then uses HTTP protocol to communicate to your Tomcat server. You will face this if you deploy your code on cloud providers like App Service. Answer is here.
In application.properties:
security.oauth2.client.pre-established-redirect-uri=https://yourappurl.net/login
security.oauth2.client.registered-redirect-uri=https://yourappurl.net/login
security.oauth2.client.use-current-uri=false
server.tomcat.remote-ip-header=x-forwarded-for
server.tomcat.protocol-header=x-forwarded-proto
server.tomcat.use-relative-redirects=true
server.use-forward-headers=true
server.tomcat.internal-proxies=.*
2. Add server.forward-headers-strategy=native in applications.properties. Answer is here. For more about this setting, see here.
I have a Angular application and a separate Web API solution built with .NET Core. I have successfully setup authentication with Azure AD B2C. I am able to login to the angular application. However I would like to secure one of my Web API calls. i.e. http://localhost/Profile/GetProfile. The trouble is that I'm able to query this url successfully even when not logged in.
I used code from the sample application in github and strangely I get 401 not authorized when trying to make my api call from my ClientApp. However, I am able to open that url successfully in a new tab (outside of my application). I am trying to achieve the opposite of this. i.e. it should 401 from a browser but 200 from my ClientApp. What am I doing wrong?
BTW the sample application throws a unhandled exception when trying to navigate to the todo menu item.
The trouble is that I'm able to query this url successfully even when
not logged in.
This is because the cache is still there after you successfully log in. Once you've used browser privacy mode, you'll need to log in again.
And is these screenshots below what you want to achieve? You can decode token in this.Whether the requested token is successful does not match the api endpoint.If so,please check your client app (API perssions) & server app(Expose an API).
401 from a browser
2.200 from my ClientApp.(Here's a microsoft graph me/endpoint demo.)
I have web api that uses windows authentication. I've created my own Active Directory Server and a separate IIS Server. I have registered the IIS server to the domain but for some reason I'm getting a 401 issue when I use the API URL in my Javascript.
But works when using it directly from web browser
Please note that this is the same code (javascript, SQL Server, and ASP.NET Web Api) I'm developing at work. The only difference are the url for LDAP and domain. I have tried everything from changing Windows Authentication Providers. I'm just curious if I need to add my machine as a trusted to the Active Directory which I'm not sure how. I have added the Active Directory User to the IIS with Full Control but still no luck.