I have a little problem with the php session. interface hosted at the FTP server level which requires authentication via login and password. the problem and that during the tests when the first user connects another cannot access it the site freezes
List item
Related
Important
I have tried many answers right here published but no one worked for me.
I have installed a fresh copy of Laravel 5.8 including the scaffolding about authentication with:
php artisan make:auth
After that in my localhost redirecting works fine when the users register with name, email, password, and password confirm.
Nevertheless when I upload it to my shared hosting:
I can:
Access to register form
Register a new user
Redirect to login form
But it fails when:
I try to login in with my email and password it only reloads the window of the browser and stays in the same page (login form)
This is strange for me because:
Works fine in localhost
No errors 500
The network tab only shows a 200 code status
Laravel log is empty
I have tried with:
protected $redirectTo = "home";
But anything happens, only the same behavior
I need to say that:
No roles
No third packages only the basic authetication system
You mention when I upload it to my shared hosting - Laravel requires some setup/installation, simply uploading is not enough. Specifically you need to set permissions on several directories. Without correct permissions, your web server cannot create session files. If it can't create session files, logins will fail - and that's exactly what you are seeing.
Update: fixed Laravel 7 link for Laravel 5.8
I am working in a project where we have 3 servers:
Frontend Server running in Reactjs/redux.
Backend application server where project business logic is setup(DRF). This doesn't have authorization mechanism.
User management server where user login/registration(DRF).
Currently in this project registration with session and login is implemented but the user session is maintained only User management server.
Authorization system workflow should be as below:
A request is made from Frontend server to Backend.
Allow only logged in user to get the result.
User Backend server is the one managing user database and session. How can we check in Backend Server if user is logged in through User Management Server and return result back to Frontend Server based on if user is logged in/not.
Token authentication is preferred. I searched for JWT, but the implementation is detailed for single server projects.
Please let me if there is a solution/alternative for the above scenario.
Thanks in advance.
We have one intranet Application and implemented ADFS authentication on it. We have our custom login form with Username and password and we are authenticated easily using ADFS. we are using windowsmixed endpoint to authenticate
Application, Users and ADFS all are in one domain
Now we want to skip that login page, so if Domain\User1 is logged in on his/her machine , intranet application should authenticated with current windows logged in user automatically without asking username and password when we open it.
Is it Possible and How?
Thanks!!!
Regards,
Darshit Gajjar
Normally this is done via IWA in a browser (WS-Fed passive profile). IWA is a function of the browser not ADFS.
You are using WCF (WS-Fed active profile) which has no browser component.
As we know when we login to a system, they creates some type of sessions or cookies to keep track which user is logged in and further processing is based on sessionid or cookies.
Is it possible to get the session or cookies from virtual server and access website from some other location or browsers?
For example :- I have login credentials of a website abc.com, I logged in that website on remote server and get the sessionid or cookies created by website on remote server browser.
Next based on that sessionid or cookies without login to abc.com again I can access the whole features? Is it possible or not? If yes then how?
may be some type of session hijacking?
Note: I don't need it for hacking purpose.:)
thanks in advance.
We are building a SPA application using Durandal and we are authenticating the users via Windows ACS in Windows Azure.
We currently have a problem with users who leaves their applications open for a long time. When they come back, the ACS token is expired and the application won't redirect to the ACS login (since it is a SPA application).
Is there a good way to detect on the client side when the Windows ACS session times out?
I don't know Durandal, but I know all Ajax calls feature (optional) error handlers in which you can test whether the server status code is 401 or 403.
(that's usually the case when the user tries to access a secure resource when he is not authenticated).
All you have to do is redirect the user to ACS with the correct parameters when this happens.