Reset Password Link Joomla - While in "maintenance mode" / offline mode - joomla

How do users reset passwords while in "off-line" mode?
We are running the site as Intranet.
Joomla 2.5.4

Mhm.. this is quite long to do, but maybe you can work it out.
Grant your user level offline access (you can do that in Global configuration -> Permissions).
Create a menu entry that points to the user profile and set it visible to your users.
Set every menu/module etc. invisible to "normal" users (except the previous one).
I've never tried it before, but it should work.

I just wanted to share my solution for Joomla 3.9:
In the file "offline.php" of your template (or in /templates/system if the template has no offline.php) you can place this code before where the login form is displayed:
    if (JRequest::getVar('option') == 'com_users') {
        // Show queued system messages, then let com_users render the requested view
        ?><jdoc:include type="message"/><?php
        $registrationController = new UsersController();
        $registrationController->display();
    } else {
        // Login Form
    }
so it displays the dialogs to reset the password if the page is loaded by using "index.php?option=com_users&task=request.reset" or similar, but shows the "offline" login form by default.
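
Added example (not part of the answer above and not Joomla code): the condition in that snippet matches every com_users request, so this standalone helper narrows it to the password-reset dialogs. The helper name and the view and task names ('reset', 'reset.request', 'reset.confirm', 'reset.complete') are assumptions to check against your Joomla version.

```php
<?php
// Added example, not Joomla core code. offlineResetRequestAllowed() is a
// hypothetical helper; the view/task names are assumed, verify them locally.
function offlineResetRequestAllowed(array $query)
{
    $allowedViews = array('reset');
    $allowedTasks = array('reset.request', 'reset.confirm', 'reset.complete');

    // Read one parameter strictly: arrays (view[]=x) and any character
    // outside [A-Za-z0-9._-] make the whole request fail instead of being
    // silently cleaned up.
    $read = function ($name) use ($query) {
        if (!isset($query[$name])) {
            return '';
        }
        $value = $query[$name];
        return (is_string($value) && preg_match('/^[A-Za-z0-9._-]*$/D', $value)) ? $value : null;
    };

    $view = $read('view');
    $task = $read('task');
    if ($read('option') !== 'com_users' || $view === null || $task === null) {
        return false;
    }
    if ($view === '' && $task === '') {
        return false; // bare com_users request: nothing reset-specific asked for
    }
    // Whatever was supplied must be on its allow-list.
    return ($view === '' || in_array($view, $allowedViews, true))
        && ($task === '' || in_array($task, $allowedTasks, true));
}

// Constructed sample requests, printed with the decision for each.
$samples = array(
    array('option' => 'com_users', 'view' => 'reset'),
    array('option' => 'com_users', 'task' => 'reset.request'),
    array('option' => 'com_users', 'view' => 'registration'),
    array('option' => 'com_users', 'view' => array('reset')),
    array('option' => 'com_users'),
    array('option' => 'com_content', 'view' => 'reset'),
);
foreach ($samples as $sample) {
    echo json_encode($sample), ' => ', offlineResetRequestAllowed($sample) ? 'allow' : 'deny', "\n";
}
```

In offline.php the helper would stand in for the `JRequest::getVar('option') == 'com_users'` test, fed with the request parameters.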

Related

Active Directory Users homespace

I connected Alfresco with my Active Directory. I am able to log in using Windows credentials, but how do I add userspace to these Windows logins? I am not able to create new content using the Windows login. Also, I have to log in twice in order to view the Alfresco explorer page: first in the browser, then in the Alfresco login page. How do I make it a single page?
Here is my global property
### ACtive Directory Configuration ###
authentication.chain=passthru1:passthru,ldap1:ldap,alfrescoNtlm1:alfrescoNtlm
passthru.authentication.sso.enabled=false
passthru.authentication.allowGuestLogin=false
passthru.authentication.authenticateCIFS=false
passthru.authentication.authenticateFTP=false
passthru.authentication.servers=192.168.100.100
passthru.authentication.domain=<Netbios Domain>
passthru.authentication.useLocalServer=false
passthru.authentication.defaultAdministratorUserNames=sameer
passthru.authentication.connectTimeout=5000
passthru.authentication.offlineCheckInterval=300
passthru.authentication.protocolOrder=TCPIP,NETBIOS
ldap.authentication.active=true
ldap.authentication.java.naming.security.authentication=simple
ldap.authentication.userNameFormat=%s
ldap.authentication.allowGuestLogin=false
ldap.authentication.java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory
ldap.authentication.java.naming.provider.url=ldap://192.168.100.100:389
ldap.authentication.escapeCommasInBind=false
ldap.authentication.escapeCommasInUid=false
ldap.synchronization.active=true
ldap.synchronization.java.naming.security.principal=uid\=sameer,cn\=users,dc=<company.domain>,dc=com
ldap.synchronization.java.naming.security.credentials=<administrator.privilege.account.password>
ldap.synchronization.queryBatchSize=1000
ldap.synchronization.groupDifferentialQuery=(&(objectclass=nogroup)(!(modifyTimestamp<\={0})))
ldap.synchronization.personQuery=(&(objectclass=user)(userAccountControl\:1.2.840.113556.1.4.803\:\=512))
ldap.synchronization.personDifferentialQuery=(& (objectclass=user)(!(modifyTimestamp<\={0})))
ldap.synchronization.groupQuery=(objectclass\=group)
ldap.synchronization.groupSearchBase=cn\=users,dc=<company.domain>,dc=com
ldap.synchronization.userSearchBase=cn\=users,dc=<company.domain>,dc=com
ldap.synchronization.modifyTimestampAttributeName=modifyTimestamp
ldap.synchronization.timestampFormat=yyyyMMddHHmmss'.0Z'
ldap.synchronization.userIdAttributeName=sAMAccountName
ldap.synchronization.userFirstNameAttributeName=givenName
ldap.synchronization.userLastNameAttributeName=sn
ldap.synchronization.userEmailAttributeName=mail
ldap.synchronization.userOrganizationalIdAttributeName=msExchALObjectVersion
ldap.synchronization.defaultHomeFolderProvider=userHomesHomeFolderProvider
ldap.synchronization.groupIdAttributeName=cn
ldap.synchronization.groupType=Nogroup
ldap.synchronization.personType=user
ldap.synchronization.groupMemberAttributeName=member
synchronization.synchronizeChangesOnly=true
cifs.enabled=false
First error kind of in your properties:
Use the ldap.authentication.active=true or the passthru as active subsystem
This is the reason you need to login double.
So in this case just put the
ldap.authentication.active=false
I'm not sure why you're not an admin, can you try the following:
ldap.authentication.defaultAdministratorUserNames=sameer
or
ldap.authentication.defaultAdministratorUserNames=uid\=sameer,cn\=users,dc=<company.domain>,dc=com
Are you sure it's uid=sameer and not cn=sameer?

Session time out on Liferay with multiple spring MVC portlet

Our application has been developed on Liferay with multiple Spring MVC portlets on the page. It's a single page application, and the navigation only happens inside the portlets. Now sometimes when the Liferay session times out and I send a request to the controller for a new view, the Liferay login page is shown inside the portlet. But the expected behaviour is that if the Liferay session has timed out, the whole page should be redirected to the login page.
I have specified following properties in the portal-ext.properties
session.timeout.warning=1
session.timeout.auto.extend=false
session.timeout.redirect.on.expire=true
browser.cache.signed.in.disabled=true
Any suggestions?
If you're just doing Ajax navigation in the portlets, you might want to hook into Liferay's session-extension way (you'd have to look it up - there's a client side timer that counts down and displays the "session.timeout.warning" - I can't give pointers right now).
Alternatively, if a session extension is acceptable as long as a browser window is open, you can use the same mechanism to show an alternative behaviour: Instead of willingly timing out a session, it can extend the session. See portal(-ext).properties:
#
# Set the auto-extend mode to true to avoid having to ask the user whether
# to extend the session or not. Instead it will be automatically extended.
# The purpose of this mode is to keep the session open as long as the user
# browser is open and with a portal page loaded. It is recommended to use
# this setting along with a smaller "session.timeout", such as 5 minutes for
# better performance.
#
session.timeout.auto.extend=true
Does this happen in all your pages or only on specific pages?
Does this happen on click of any button?
If so, do the following in the method that you are calling on the click of the button:
    function onClickFunction() {
        var liferaySession = Liferay.Session._currentTime;
        if (liferaySession == '0') {
            // reload page
            window.location.reload();
        } else {
            // proceed
        }
    }

Wicket - Internet Explorer double submit

I have a big problem with Internet Explorer 7 and 8.
SITUATION:
I have a FORM that builds a Medical Prescription. When I hit the save button, the script saves the DomainObject on DB and sets a boolean property (of the panel where the form is added) called "saved" to true and a byte[] property called PDF with the bytestream.
On RenderHead of the Panel, I read this boolean and, if it is true, I force the trigger of a hidden button with this code:
    String js = "$('#" + printPDF.getMarkupId() + "').click();";
    response.renderOnDomReadyJavaScript(js);
The button executes this code:
    ResourceStreamRequestHandler handler = new ResourceStreamRequestHandler(new ByteArrayResourceStream(pdf, "application/pdf"));
    handler.setFileName("foo.pdf");
    RequestCycle.get().scheduleRequestHandlerAfterCurrent(handler);
This code works perfectly on FF and Chrome. The browser download window appears and the user can save the PDF on HD.
Unfortunately, Internet Explorer has that damn security behavior that is triggered when a site requires something to download. That warning requires a user validation. A yellow bar appears and the user is forced to hit "Download".
screenshot http://imageshack.us/a/img198/1438/securityg.jpg
When I hit Download File, the form is submitted again with the exact state I had when I hit save the first time. So no previous INSERT on DB is already committed; the Session is reset to the previous state etc...
The result is a double INSERT on DB of the Domain Object.
Any clue to resolve this?
The problem is that you click the download link programmatically instead of redirecting the browser to a URL or opening a URL with JS window.open(url). Clicking a link looks like an unwanted operation that is sometimes restricted by the browser.

How to support user session to Vaadin project

I want to add user session support to my application. Since reloading the page will restart the application and even opening another browser tab will cause the original one 'out of sync' problem.
Do I need to create an independent window for each login, or is there any plugin I can use, or if I make it a Spring + Vaadin application, will it solve this problem?
Applications created with Vaadin Framework are automatically stateful, so your application should keep its state unless you have the ?restartApplication parameter in the URL.
To support multiple browser tabs / windows in the same session, the getWindow(String name) must be overridden in the Application class to return a new Window instance for each browser tab / window:
    @Override
    public Window getWindow(String name) {
        // If the window is identified by name, we are good to go
        Window w = super.getWindow(name);
        // If not, we must create a new window for this new browser window/tab
        if (w == null) {
            w = new CalcWindow();
            // Use the random name given by the framework to identify this
            // window in future
            w.setName(name);
            addWindow(w);
            // Move to the url to remember the name in the future
            w.open(new ExternalResource(w.getURL()));
        }
        return w;
    }
For more information about Vaadin's multi window support, see this wiki page.
Reloading the page should not restart the application, unless your url ends with ?restartApplication=true.
The Application object is stored in the HTTP Session, therefore everything you want to store per user can be associated with the application.
Typically, each browser process can only support one HTTP Session, hence you will only be able to support one user per browser (unless you make significant efforts, and store per-user state on each application level Window. I recommend you don't do this unless you know what you are doing: one user-per-http-session is the norm in web applications).
Spring+Vaadin are a good combination - I am using this pairing to great effect in our projects - but are not particularly useful in this context.
Vaadin does not support multiple windows/tabs in its default configuration (hence your out-of-sync errors). However, it is trivial to write the code to do so: here's a simple explanation, and some code

If I Rapidly Click the Browser Back Button Twice, The User is Logged Out in Our Cake App

This is a weird bug, and I'm not even sure how to begin figuring out what's going on.
We are using Cake 1.3.8 with our sessions in the database. I am not using ACL or any other access control. If we navigate into the application and click around a bit, and then rapidly click the browser back button twice (I've tried in Firefox and Chrome) the user is logged out more often than not and receives the error message 'You are not authorized to access that location'.
All of my searches thus far have involved people wanting to make the page inaccessible if a user logged out and then used the back button. I'm not seeing anything reported with regards to the issue I'm seeing.
Does anybody know if this is a Cake issue or have any thoughts on debugging what is going wrong?
Update: I found where the problem is. I have the security set to high, because we need the session to be closed whenever somebody closes the browser. I also have the timeout set very high because we do large binary uploads to S3, and don't want the user logged out while it's uploading or downloading. The specific block of code in cake_sessions.php that's causing the problem is:
    $time = $this->read('Config.time');
    $this->write('Config.time', $this->sessionTime);
    if (Configure::read('Security.level') === 'high') {
        $check = $this->read('Config.timeout');
        $check -= 1;
        $this->write('Config.timeout', $check);
        if (time() > ($time - (Security::inactiveMins() * Configure::read('Session.timeout')) + 2) || $check < 1) {
            $this->renew();
            $this->write('Config.timeout', 10);
        }
    }
    $this->valid = true;
I would guess this is because session IDs are regenerated between requests when security = high. Source:
http://book.cakephp.org/compare/44/CakePHP-Core-Configuration-Variables/cakephp/cakephp1x
You only need one out of sync request, say for a missing image and you will lose the session. I've generally found it unworkable because it's not possible to prevent users double-clicking on links and buttons and invalidating their session.
I would think about using medium security, setting the session timeout fairly short and using an AJAX script to refresh the session at regular intervals (eg every 60s). That way the user will be logged out quickly if the tab/window is closed.
If security is a priority I would suggest hacking the core to make sure the session cookies are set to http_only to help guard against session hijacking by XSS attacks. CakePHP 1.x supports PHP4 so probably isn't setting this by default.
http://php.net/manual/en/function.setcookie.php
It's possible that the session is erased and, before it can be written again, the back button is clicked, removing the auth from the session variables.
Page loads -> Back button clicks -> session is erased (but before session is rewritten) -> Back button clicks -> Session check finds no existing session.
The only thing that I can think is happening is that when you're going back a page too quickly your code can't validate the person quickly enough (round trip from checking credentials) and throws an error that gets displayed on the next page that is loaded (second backed-to page).
Are you sure the person is actually logged out, or is it just the error being thrown?
Without seeing any code, it will be difficult to nail it down any further.
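
Added example (not CakePHP code and not from any poster): a toy model of the failure the answers above describe, where a renewal replaces the session ID and a second request still carrying the old cookie finds no session. ToySessionServer, $renewEvery and the sample user are constructed for illustration; the countdown mirrors the Config.timeout counter in the snippet quoted in the question.

```php
<?php
// Toy model (added example, not CakePHP code): the server swaps the session
// ID on renewal and deletes the old one, as the answers above describe.
class ToySessionServer
{
    private $sessions = array(); // session id => array('user', 'countdown')
    private $renewEvery;         // requests between renewals (hypothetical knob)
    private $nextId = 1;

    public function __construct($renewEvery) { $this->renewEvery = $renewEvery; }

    public function login($user)
    {
        $id = 'sid' . $this->nextId++;
        $this->sessions[$id] = array('user' => $user, 'countdown' => $this->renewEvery);
        return $id;
    }

    // One request carrying cookie $id; returns array(user or null, next cookie).
    public function request($id)
    {
        if (!isset($this->sessions[$id])) {
            return array(null, null); // unknown ID: the user appears logged out
        }
        $session = $this->sessions[$id];
        if (--$session['countdown'] < 1) { // renewal due: new ID, old one destroyed
            unset($this->sessions[$id]);
            $id = 'sid' . $this->nextId++;
            $session['countdown'] = $this->renewEvery;
        }
        $this->sessions[$id] = $session;
        return array($session['user'], $id);
    }
}

// Two "back" clicks. $rapid means the second request leaves the browser before
// the first response, with its new cookie, has arrived.
function twoBackClicks($renewEvery, $rapid)
{
    $server = new ToySessionServer($renewEvery);
    $cookie = $server->login('alice'); // constructed user
    list($first, $newCookie) = $server->request($cookie);
    list($second) = $server->request($rapid ? $cookie : $newCookie);
    return array('first' => $first, 'second' => $second);
}

var_dump(twoBackClicks(1, true));   // renewal on click one, click two is rapid
var_dump(twoBackClicks(1, false));  // same renewal, clicks spaced out
var_dump(twoBackClicks(10, true));  // rapid clicks, no renewal due
```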
