Specific authentification for a website - siteminder

I have two website and both are on the same domain (ex: http://test.com/). For the first site (ex: http://test.com/app1) I want to have SiteMinder check if the user is logged in or not, but on the second website (ex: http://test.com/app2) I do not want this check to be performed.
My question here is: is this thing possible or the second website must be on a different domain ?
Thank you

Yes this is possible. You should create a realm for /app1 (don't user / root protection), and no realm for /app2. If you want root protection at / except for /app2, then create an unprotected realm for /app2.

Related

Use an external database to login users for Laravel 9

I am developing a small intranet to serve authenticated-only assets using Laravel 9. I install laravel:breeze in order to include login functionality and it works for users that register using breeze form in /register route.
I have an external database with the current users that I want to use instead of manually registering one by one.
Is there any approach for achieving this?
I have an app which uses another app for the users database. And it sure is using authenticate-by-id feature. Here how it goes:
A user opens MY_APP and is opening login url which prompt him/her to login using Gmail (might be different in your case)
MY_APP receives the Gmail account
Check the existence of the account in MY_APP database: authenticate it if exists, and proceed to the next step if otherwise
MY_APP checks the existence of the account in the USERS_DB_APP through an API
If the account is not exists, the login request will be denied
Otherwise:
Save the user record from USERS_DB_APP to my own MY_APP database
Then proceed authenticate the user using its just-created id
Your actual case might be different from this. But I hope it can gives you an insight to some level.

Single Signin For All Subdomain Or Projects?

Hy All Hope All Are Fine. First Of All Sorry For My English And I Am Totally New And didn't Know About Php My Sql Etc, So Lets Start My Questions With Detail I Purchased too many Projects
subdomain1.maindomain
subdomain2.maindomain
subdomain3.maindomain
subdomain4.maindomain
May Be In Future I Will Add More
Now Simply I Want Single Login For All Subdomains, Mean That User Can Signup In One Of Any Domain But Can Login For All Subdomain As Same Signup For any One Of Above Domain. My Sql Database User Is Same But Mysql Database Is Different One From Other Every Subdomain or Domain Has It's Own Database.
Please Tell Me Is It Possible To Login As A One???? Please If It Is Possible Share With Detail Because I Am New.
I Did't Try Any Method

Hosting Own Website and others

I might be on the wrong section to ask this but.
After signing up with Blue Host, for a personal website blog, i know i have the ability to add extra websites for free, however would it be possible for me to add someone else website that i don't own but gave me permission to add and i let them host their website on my plan.
can they still access their account without me giving them my blue host details.its kinda of a stupid question, once i think about it.
any help will do.
You can do it in one way..
STEP-1
You have to create different FTP accounts for all users and provide a seperate folder to all users they can access that folder only via FTP details.
They can add/update/delete files that they owns.
STEP-2
Tell you user to forward his/her domain to yousite.com/folder-assign to FTP
FINISHED
Now what happen when someone open your users site.
lets says your domain is YOURDOMAIN.COM and your user domain is MYUSERDOMAIN.COM, now your user have forwarded his/her domain to your domain YOURDOMAIN.COM/FOLDER_ASSGIN to FTP
-In URL user see their own domain name MYUSERDOMAIN.COM actually it opens your site's folder that is assign to your user

Magento Password Reset Link

We run a multi-store/view magento site. Let's say our site is called www.domain.com (running the "retail" store) and another url trade.domain.com running the "trade" store
When a customer requests a password reset from trade.domain.com, they get a password reset link like this: http://trade.domain.com/customer/account/resetpassword/?id=12&token=84fb6f65548995191e526b815982bf23
Clicking this link re-directs to login page with the error Your password reset link has expired..
However, if you replace the "trade" from the domain with "www" like this: http://www.domain.com/customer/account/resetpassword/?id=12&token=84fb6f65548995191e526b815982bf23
The password reset appears to be working correctly.
Any idea why this is happening? Have I configured the magento incorrectly? Is this a known bug?
Customers are shared either per website, either across all websites, so at least, a customer account is usable on all of the store views that a website contains. Consequently, it is normal that the password reset link works for your store views.
In fact, if you would like to separate the customer accounts between your store views, you would have to create separate websites that would not share customers.
Is that subdomain password protected? That could be a problem or if subdomain is set up with a password protected extension, they won't be able to access example.com/customer/account/changeforgotten/ without already being logged in. So you'll have to allow them access to that url first otherwise it'll keep redirecting. I had the same problem.
Check the cookie domain for the website trade.domain.com. In Magento 1 it's in System->Configuration->Web->Session Cookie Management. (Making sure that you change the scope in the top left to the Website you want to update it for.
I have a store that has multiple websites, each with their own view and does not share accounts across websites, and had the same problem. Changing the cookie path fixed it for me.

Facebook APP Multiple Domains

I am setting up a Ruby on Rails app to allow login via Facebook with Devise + Omniauth. I can got this working no problem with the APP ID and Token.
However I am having an issue that I am not sure how to get around.
I have 1 instance of the Rails app running on Server A I have 2 domain names www.domain-one.com and www.domain-two.com which point to Server A When I create the app in Facebook for www.domain-one.com it works ok but as soon as I add www.domain-two.com to the app domains it gives me and error "domain must be derived from your Site URL". Is it possible to allow multiple domains login with the same Facebook APP IDs?
If not then would an acceptable solution be to switch the details in the devise initializer file based on domain and does anyone know how to get the domain from an devise initializer?
Hope you understand what I mean.
Tony
You can specify multiple subdomains but they can only belong to one domain. That's because it must match the URL in the Website with Facebook Login > Site URL.
In this case, you can make one domain name as primary domain pointing to server A and the other one as secondary domain redirecting to first domain. then In facebook app use the second domain as site url.
There is another benefit of following this strategy, your websites SEO will be improved. if search engines find one content from different domains then it rank down the content, unique content from unique address increases the ranking.

Resources