Unable to make index page secure and redirect to login page - userfrosting

I am using User Frosting V4. I learned about the routing concept.
Now I wanted to make my index page a secure page - which means only logged in users should be able to access the page.
If user is not logged in, he should be redirected to Sign In page.
I did the following :
I defined my own routing :
$app->get('/', 'UserFrosting\Sprinkle\Core\Controller\CoreController:pageIndex')
    ->add('checkEnvironment')
    ->setName('index')
    ->add('authGuard');
Now, when I access the site, I get the Exception. It does not redirect to the login page : account/sign-in
I get the following error :
UserFrosting Application Error
The application could not run because of the following error:
Details
Type: UserFrosting\Sprinkle\Account\Authenticate\Exception\AuthExpiredException
File: C:\wamp64\www\UserFrosting_V4\app\sprinkles\account\src\Authenticate\AuthGuard.php
Line: 50

It redirects to the sign in page in production mode.
https://github.com/userfrosting/UserFrosting/blob/master/app/.env.example#L4
Set that to production

Related

Trying to set up CAS with my Laravel project

I am using subfission/cas for my application. I have followed all installation steps. I am using windows, if that matters. More precisely, I have configured the following:
I ran the following in my terminal
composer require "subfission/cas" "dev-master"
I configured my Kernel.php accordingly, adding the following:
'cas.auth' => 'Subfission\Cas\Middleware\CASAuth',
'cas.guest' => 'Subfission\Cas\Middleware\RedirectCASAuthenticated',
I ran the following command:
php artisan vendor:publish
I also set up my cas server in my cas.php config file:
'cas_hostname' => env('CAS_HOSTNAME', 'cas.myserver.me'),
'cas_real_hosts' => env('CAS_REAL_HOSTS', 'cas.myserver.me'),
What I want is a middleware for all my routes, so I added the following route rule in my routes:
Route::middleware(['cas.auth'])->group(function ()
{
    Route::get('/', function ()
    {
        return view('welcome');
    });
});
Basically, I want to redirect everyone who is not logged in to the login page whenever I access the main page (for now, I will add more routes in the future). What happens is that the users are redirected to the login page when they are not logged in, but after the login I receive the following error:
ErrorException (E_WARNING)
DOMDocument::loadXML(): Opening and ending tag mismatch: hr line 1 and body in Entity, line: 1
No matter what view I'm redirecting the user to. I tried the default welcome page as well as an empty view, but I still get the same error.
EDIT: I have used the dev-master branch from subfission/cas for the above error and after switching to 2.1.1, I get a different error:
session_name(): Cannot change session name when headers already sent
EDIT 2: I did some more digging and I enabled internal errors in my cas client class with:
libxml_use_internal_errors(true);
And now I get the following:
Authentication failure: SA not validated Reason: bad response from the CAS server
And the cas response is:
The thing is that I use the same cas server for another 2 projects and it works well for those (but those aren't laravel projects).
I know it's been a while, but for anyone else having issues like this, the issue is the protocol your web service uses to communicate with your CAS (Central Authentication Service) provider. There are two main protocols used for SSO/CAS in this package:
SAML (Security Assertion Markup Language) version 1.1 & 2
CAS Protocol v3.0
[Confusingly enough, CAS protocol shares the same namespace as the service.]
The idea is to match the protocol and version with your identity provider. It sounds like your provider is using CASv3.0, which is why disabling SAML worked.
Also, if you enable debug mode, you will see further error details in your log file to help you troubleshoot.
Best of luck!
I managed to solve the issue by disabling the SAML in the cas configure file:
'cas_enable_saml' => env('CAS_ENABLE_SAML', true),
change to
'cas_enable_saml' => env('CAS_ENABLE_SAML', false),
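The protocol mismatch discussed in this thread can be checked directly. The following is an added example, not code from the posts or from subfission/cas: it classifies a ticket-validation response body as CAS-protocol XML, a SAML 1.1 envelope, or an HTML error page, which is the input that produces the loadXML tag-mismatch warning quoted in the question. The function names and sample bodies are constructed for illustration.

```php
<?php
// Added diagnostic example; not part of subfission/cas or phpCAS.
// Classifies the body returned by a CAS ticket-validation request.
const CAS_NS   = 'http://www.yale.edu/tp/cas';
const SAMLP_NS = 'urn:oasis:names:tc:SAML:1.0:protocol';

function classifyValidationBody(string $body): string
{
    if (trim($body) === '') { return 'not-xml'; }   // loadXML() rejects empty input
    $previous = libxml_use_internal_errors(true);   // collect parse errors instead of warnings
    $doc = new DOMDocument();
    $ok  = $doc->loadXML($body, LIBXML_NONET);      // never fetch external resources
    libxml_clear_errors();
    libxml_use_internal_errors($previous);
    if (!$ok) {
        // Not well-formed XML: typically an HTML error page from the server.
        return stripos($body, '<html') !== false ? 'html-error-page' : 'not-xml';
    }
    if ($doc->getElementsByTagNameNS(SAMLP_NS, 'Response')->length > 0) {
        return 'saml-1.1';
    }
    if ($doc->getElementsByTagNameNS(CAS_NS, 'serviceResponse')->length > 0) {
        return 'cas-protocol';
    }
    return 'unknown-xml';
}

// True when the client's cas_enable_saml setting agrees with what the server sent.
function samlSettingMatches(bool $casEnableSaml, string $kind): bool
{
    return $kind === ($casEnableSaml ? 'saml-1.1' : 'cas-protocol');
}

// Constructed sample bodies (not captured from a real server).
$samples = [
    'cas'  => '<cas:serviceResponse xmlns:cas="http://www.yale.edu/tp/cas">'
            . '<cas:authenticationSuccess><cas:user>alice</cas:user>'
            . '</cas:authenticationSuccess></cas:serviceResponse>',
    'saml' => '<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">'
            . '<SOAP-ENV:Body><Response xmlns="urn:oasis:names:tc:SAML:1.0:protocol"/>'
            . '</SOAP-ENV:Body></SOAP-ENV:Envelope>',
    'html' => '<html><body><center><h1>404 Not Found</h1></center><hr></body></html>',
];
foreach ($samples as $name => $body) {
    $kind = classifyValidationBody($body);
    printf("%-4s -> %-15s matches cas_enable_saml=true? %s\n", $name, $kind,
        samlSettingMatches(true, $kind) ? 'yes' : 'no');
}
```

An `html-error-page` result means the client parsed a web server error page as XML, so neither setting matches until the client's protocol is aligned with what the identity provider actually serves.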

Error: Page Not Found (404) Path: /login/authenticate

I am trying to install basic spring security plugin 3.1.2 for Grails 3.
I created User and Role and I can see them created in the database using MySQL, but I am getting
Error: Page Not Found (404) Path: /login/authenticate
error. I am not sure why it's going to authenticate view as my
grails.plugin.springsecurity.successHandler.defaultTargetUrl = '/inputParam/news'
is this one, so it should go to news. How can I check whether the user successfully logged in?
I tried creating a login controller but it's not passing any params at the backend

NeoLoad Login 500 Error: Adf_Faces-30200

I'm trying to test java web application (jsf) that uses oracle adf-faces. When I record my test, the application is working fine but when I later check the user, then on login.jsf page, just before authentication and home pages, I get 500 Internal server error that says:
ADF_FACES-30200:For more information, please see the server's error log for an entry beginning with: The UIViewRoot is null. Fatal exception during PhaseId: RESTORE_VIEW 1.
Some more info: My login.jsf page is referred by previous login page that has jsession id appended to it. However, as far as I understand, neoload automatically handles jsessionid (I did try to set a parameter for it though and it didn't fix the error)
Also login.jsf page itself is a referrer to authentication page that in its turn is a referrer to a home page of an application, and the latter are both redirect pages (do not use manual definition) so they are not played during the check because of this error:
login.jsf page uses POST method and it has the following POST parameters: pt1:username, pt1:password, org.apache.myfaces.trinidad.faces.FORM, Adf-Window-Id, javax.faces.ViewState, Adf-Page-Id, oracle.adf.view.rich.DELTAS, event, event.pt1:loginCommandButton
I use set of users (I have a variable for username and password) and I handle javax.faces.ViewState manually with a jsf parameter (it used to give me errors).
I would appreciate any help greatly!

MVC LazyInitializer Error Handling

I want to have an error page if my application cannot connect to the database.
But for now I have something like this:
Then if I step over, I have an error in Layout where I check IsAuthenticated; it also shows an error in
<li>@if (WebSecurity.IsAuthenticated)
    {
        if (User.IsInRole("admin"))
        {@Html.ActionLink("Admin Panel", "Index", "Admin")}
But it only happens if I am logged in.
If I am not logged in then it only shows an error which I showed in Picture,
Then if I click step over I get an error page in web browser which is a result I want to have.
Q: How to get an error Page if Database is not connected without going to VS10 to code view ?
I also have an error controller and it works for displaying error page if someone types wrong www address.

Login template cached for other action when session timeout in Symfony

I am using Symfony 1.4 with sfGuardDoctrinePlugin. The problem is:
Let us say the current page URL is www.pg.com/blog/edit.php
Now the session times out and I click the blog index link
This redirects to www.pg.com/blog but since I need to login, the template for login_module and login_action is served on the same URL (www.pg.com/blog)
Post login, the user is taken to blog index (or even if the user clicks that link), the login template is served since it is cached for the "blog/index".
I suspect that somewhere in sfAuth plugin, there is a forward instead of a redirect that is serving the login template on the other page URL. How can I prevent this?
EDIT: I even got the line where it is happening, but I do not wish to modify Symfony source code. Can I do it outside?
Jul 31 10:02:59 symfony [info] {sfBasicSecurityFilter} Action "blog/index" requires authentication, forwarding to "sfGuardAuth/signin"
The user has to wait for quite some time or clear cache to avoid this.
Thanks
The forwarding is done by the sfBasicSecurityFilter filter. If you want to change the forward to a redirect, you will have to overwrite the forwardToLoginAction in your own security filter:
class mySecurityFilter extends sfBasicSecurityFilter
{
    protected function forwardToLoginAction()
    {
        $this->getContext()->getController()->redirect(sfConfig::get('sf_login_module') . '/' . sfConfig::get('sf_login_action'));
        throw new sfStopException();
    }
}
