I am trying to use the VspPHPKit and configured it for form integration and whilst testing; I am getting this error:
5080 : ERROR : Form transaction registration failed.
Looking into this error message; I came across this page: https://www.sagepay.co.uk/support/error-codes/5080-error-form-transaction-registration-failed
I've tried the solution; there was nothing in my invalid transaction tab. Then I've looked at this note: encryption passwords for both TEST and LIVE are different.
This is not the case for me, my live & test account both appears have the same form encryption password?
How is this possible and how can I change the form password? I don't see an option on the user interface even after logging in an account administrator (i.e. username and vendor name same).
Related
We are using Azure AD B2C Custom policies with Microsoft Azure Active Directory to authenticate users. We implemented the password change policy as given in the example below.
https://github.com/Azure-Samples/active-directory-b2c-custom-policy-starterpack/tree/main/scenarios/password-change
We created a link the user can visit and change his password. Once the password is changed, the user is redirected to the application again.
However, in some cases, we get the following error when the user is redirected to the application after changing the password.
{
"error": "invalid_grant",
"error_description": "AADB2C90088: The provided grant has not been issued for this endpoint. Actual Value : B2C_1A_Dev_SignupSignin and Expected Value : B2C_1A_Dev_PasswordChange\r\nCorrelation ID: b3a2fdd5-df58-4aa1-8eca-d91503ebb75a\r\nTimestamp: 2022-08-31 12:23:48Z\r\n"
}
This error does not happen to all users. But for some users, it happens always.
We use MSAL Angular library with the following versions.
azure/msal-angular": "^2.1.1"
azure/msal-browser": "^2.22.0"
We appreciate any help to resolve this issue.
I've taken up Widows Samples on Credential Providers and have built one using them as a reference. I'm able to log in seamlessly, wither by giving username and password manually. I've set
CustomCredential::SetSelected (__out BOOL* pbAutoLogon) {
*pbAutoLogon = TRUE; // FALSE;
return S_OK;
}
Now, AutoLogon, when the Tile is selected, is happening seamlessly.
As a test case, I changed the password, and as expected the Login fails. After failure, an error message appears and when I click OK ( this is the only option ), the credentials are resubmitted for a retry. How do can we stop this behavior? Which method gets called after the authentication failure?
I've handled ReportResult() but that did not help.
Thanks in advance.
It's been a while - but I believe GetSerialization() is called to return serialized credentials to LogonUI. You need to implement this as well. The credential provider samples I think have working code for KERB_INTERACTIVE_UNLOCK_LOGON.
You can also change *pbAutoLogon conditionally in SetSelected() - I do this in my credential provider depending on certain results.
ReportResult() would be called after GetSerialization returns its result to LogonUI. Inside ReportResult() you could do things like clear the password box (which is done in the samples code.)
If you're not returning serialized credentials in GetSerialization then I think you might get the kind of error you listed in your original post. In the credential samples KerbInteractiveUnlockLogonPack() is called in GetSerialization() and this is what 'logs' the user in effectively.
The error seems specific - 'the user has not been granted the requested logon type' so maybe it has something to do with the rights of the user you're testing with.
If you are using remote desktop, make sure your users are members of the right groups to be able to login (https://support.jumpdesktop.com/hc/en-us/articles/216424183-General-RDP-You-must-be-granted-the-Allow-log-on-through-the-Terminal-or-Remote-Desktop-Services-Right-) or if it is a regular user that it is allowed interactive login.
Also - SetSelected() Gets called when your credential provider is clicked on - I'm not sure if it gets called after every logon attempt or not (my guess is that it doesn't.) In my credential provider I am using a custom logon dialog that I show using SetSelected().
I am new to ADFS, I m in a position to hit ADFS login screen where i m providing myself and all my colleagues credentials and it is validating perfect. After validation it is redirecting to spring-saml application with error "Response doesn't have any valid assertion which would pass subject validation". when i try to open other wildcard siter domains(*.csscrr.com) it is not asking authentication, so it concludes SSO is working perfect. Because of the Error page i can't move to next level. I m scratching my head to resolve the mentioned error.
Note : From my ADFS,
i can see in federationmetadata xml as SignatureMethod Algorithm="#rsa-sha256"
and in my generated metadata i can see SignatureMethod Algorithm="rsa-sha1"
Is there any way to tell on the client side if a users credentials are invalid? When I intentionally break a users credentials (change username), they are getting an generic error 101 (kPFErrorObjectNotFound). How can I prompt a user to resolve a a legitimate account issue?
I get the security implications of oversharing with error codes, but even a general "something is wrong with authentication" would help. Maybe there's no harm is prompting after error 101, but I'm not when else that error is used.
You could add a cloud function that you call and it checks if it has a user. If the user is correctly logged in then the passed token is converted into a user for the cloud code to access. Your cloud code can then return a simple response code which indicates if the login is valid or not.
I've downloaded the code from Spring's Get Started Guide - Accessing Twitter Data the https://spring.io/guides/gs/accessing-twitter/ .
I set up my credentials in application.properties and made no other changes. I run the app, and when it attempts to connect to Twitter, it fails with an exception on ConnectController line 240:
ResourceAccessException:
org.springframework.web.client.ResourceAccessException: I/O error on
POST request for "https://api.twitter.com/oauth/request_token":cannot
retry due to server authentication, in streaming mode; nested
exception is java.net.HttpRetryException: cannot retry due to server
authentication, in streaming mode
I have checked that the credentials are being read by the app. They are valid - I use them to connect with another application I've written with twitter4j, although in that case I use a Token and Token Secret in addition to the Consumer Key and Consumer Secret.
Any ideas?
Thanks
I had exactly the same issue as you : it happened because I did not set my callback URL in the twitter setting.
Just check in your twitter app settings that the callback field is set (I used the same URL as the website field).