I am using wildfly 8 as a server in my jsf application.
I am trying to use form based authentication,
but I always get forbidden page even the login success.
I wrote the role name and the constraints for page and welcome first page in the web.xml file and it is still not working.
I tried to change level of log to TRACE in standalone.xml to see the errors in wildfly server.log file but no errors occured. server.log file says that the checking of password and roles of user is done without errors.
Related
This is in regards to the sample: msal-web-sample-0.1.0
I am using tomcat 9 and maven to build and run the msal-web-sample code. It is building fine and running, loading spring, etc. I am able to go out and get a username and passowrd login. However, when it tries to return back to my system (https://localhost:8443/msal4jsample/secure/aad) it just has a bit "ERROR PAGE!" heading with Home Page link going back to the main tomcat page.
In the tomcat runtime it has:
2021-06-29 15:28:06.108 ERROR 6360 --- [io-8443-exec-10] o.s.b.w.servlet.support.ErrorPageFilter : Cannot forward to error page for request [/secure/aad] as the response has already been committed. As a result, the response may have the wrong status code. If your application is running on WebSphere Application Server you may be able to resolve this problem by setting com.ibm.ws.webcontainer.invokeFlushAfterService to false
Of course, that doesn't apply to my setup.
I see the get in the logs returning back OK and don't see any errors on startup. I am at a loss as to where to go from here. Any thoughts?
Also, is there a non-spring implementation that can be used with java but still using MSAL?
Thanks
Alan
Please share additional information about the error. Do you have trouble regrading AAD? Check your environmental settings (Tomcat) if this isn't the case.
I have been able to successfully download, compile, and run Shopizer. Unfortunately, when I attempt to display the home page, I get a blank page. By "blank" I mean that there is nothing on the page, not even undisplayable HTML!
I also attempt to log in as the admin. When I point my browser to the admin page (http://localhost:800/admin) I get the login page but when I enter the username and password (admin and password) the Shopizer throws an exception.
I am running this application in Eclipse, so was able to debug the code. I am finding that the exception from the admin login is caused by a failure of the application to read the username from the database. It attempts to get information from the database when you log in, but the query for information on the admin user returns null and that causes an exception to be thrown.
Apparently, it is getting nothing from the database. I am running this using the default H2 database configuration, and from what I have understood reading some of the information on their forum, the H2 database is run as an embedded database in this application. I also understand that on first running the database is initialized and test data is put in. I have also looked at the database file, it has data in it.
Yet for some reason, Shopizer fails to get user info about the admin user. I suspect that some of the other blank pages I am getting are caused at least partially by a failure to read product and other information, as well.
Does anyone know what is causing this failure to read the database? Has anyone else seen this behavior before? Is there something that needs to be done to enable access (Shopizer's documentation is somewhat incomplete so who knows what else might need to be done to make it work)? Or is there something that needs to be done to make it able to read the database?
Are you able to run the app from the command line first
cd shopizer
./mvnw clean install
./mvnw spring-boot:run
When running from eclipse once you have imported shopizer root project make sure the H2 file resides under sm-shop
Have you tried to configure mysql ?
Yes the schema is created and updated during startup
We have application hosted on Tomcat server cpu261.dev.local with port 8080. following is the URL of the application:
URL-1
http://cpu261.dev.local:8080/omnienterprise?tid=1
when we hit above URL it is immediately redirects to following URL:
URL-2
http://cpu261.dev.local:8080/omnienterprise/ngcore/preLoginAction.action?tid=1&vToken=-1&mid=0&adsLoginId=
and then we get the option to enter username. after entering username our Tomcat redirects to following URL:
URL-3
http://cpu261.dev.local:8080/omnienterprise/ngcore/loginUserAction.action
here we enter Branch code and password to view the dashboard.
This is my actual application flow. I want to make script in JMeter to stress test the applicaiton.
I have created one script,
please find attached screenshot of the JMeter script:
My issue is when i am running the script with URL-1 it somehow doesn't redirecting to URL-2 or not even giving error in the listener
I am using, in the listener response code is 200 OK.
Please find below screenshot of the listener:
Why is it not redirecting from URL-1 to URL-2? How do I write script for such a scenario?
You're most probably missing a Header, parameter or cookie.
The best way to create a script is to use JMeter recording feature:
https://jmeter.apache.org/usermanual/jmeter_proxy_step_by_step.html
I created a custom login form. I am using spring security core plugin for handling user registration and login.
My problem is when user tries to login with wrong username or password. He is still redirected to standard /login/auth?login_error=1.
I would like to redirect it to something like /?login_error=.
I tried to add
grails.plugin.springsecurity.failureHandler.defaultFailureUrl = '/'
to my application.groovy.
But it doesnt work. Do you know how to to it properly?
I skipped this task and added more plugins. After I finished it, this problem disappeared. So either grails clean or gradle refresh dependencies made it work.
I have an application that supports multiple types of login using username+password, using open id, etc.
Technology used : GWT.
Login url = Login.html and Login Failure url = Login.html?error=true
as shown above, the login page (made in GWT) can determine that whether its just opened for first time or whether its opened after an error.
However, i am not able to determine the type of error
a similar post here: Post link shows how to set the message to a custom one,
But i require a programming approach:
eg if open id login fails, I must show user a panel to enter his name, etc.
Is there any way to achieve this ?
For those not knowing GWT:
Let me change the problem a bit, suppose that my login page is not a JSP but a servlet, how do i write code in my servlet that is able to access the type of error occured during login? (Actually this does not solve the GWT issue, but it may give me a 'heads up' of what is needed to be done.)
Well you don't have to redirect your failed login to a jsp - it can be any URI. For instance you can redirect them to the URI http:/www.myserver.com/failed which is a completely different servlet (could be a servlet that does nothing but sends a redirect to a new URL even).