I am using RadSocialShare facebook button to share a page on facebook. User should login to access this page. If I use this page URL to share in RadSocialShare, facebook is unable to read the content from this page and it shares the content from the login page. Is there a way I can share restricted page's some contents on facebook/google+/twitter etc?
Thank you in advance.
You can't, Facebook send a separate request to index the page and thus such hidden pages are hidden from its crawler. See here: http://www.telerik.com/help/aspnet-ajax/socialshare-controlling-content-for-facebook.html.
Related
I am looking for some best practice advice. I have a mobile application that has 4 functional elements. Out of the 4 only 1 requires the user to be authenticated.
For the authentication I have built a login page. So first I am checking if an application level property is setup. If that is true then the app does not need authentication. If that is not set I am loading a login form hosted on a content page.
The login page/ form has a backing ViewModel.
The PROBLEM I am trying to solve is that after the user has logged in from the login page and navigates to the next page, the back button takes user back to the login page.
The scenario I would like is that when user reaches a specific page, from that page back should go back to another page not the login page.
MainPage --> Login --> Dashboard
Dashboard(Back) --> Login (Not desired)
Dashboard(Back) --> MainPage (Desired)
Can somebody please help with this? I am looking for some guidance.
Regards.
I followed this tutorial (https://spring.io/guides/tutorials/spring-boot-oauth2/) to create a facebook oauth2 login and it's working fine.
Once I click on the login button it redirects to the facebook page and after the user logs in it goes back to the application.
Now I want to modify the code so I can have a popup instead of redirecting the application to the facebook web page. I'm trying to find some material on how to do that, but couldn't find anything so far.
Does someone know what needs to be done or have some link / article on how to do that?
Thank you!
That has to be done in the javascript front end. From https://developers.facebook.com/docs/reference/javascript/FB.login/v2.12
Calling FB.login() results in the JS SDK attempting to open a popup window.
I need to have inner pages of an app shared to facebook with the right Opengraph data but i'm presuming when a facebook scraper/robot tries to access a certain secured url by JWT-tokens (tymon's), it lands to the sign-in page instead and picks the OG data from there.
I'd rather need to allow access to facebook scraper to bypass login and reach the page to get the certain info on that page?
I need to add the new embed Yammer Widget to a page. I managed it by simply adding the embed code to my page, but the yammer login seems to appear all the time.
I have to say that I don't have any experience with Yammer but I've read the Yammer Embed Installation Guide as well as other documents. Still, I am not able to find whether or not it is possible to pass some kind of credentials (mail, etc.) in order to prevent the embed yammer to display the login to the user or at least have the login display only once.
Can anyone help me?
From Yammer support: "A user would still need to log in to both your intranet and Yammer embed instance even with Single Sign On enabled. There is an open project for our Product team to allow for just a single log in so that when a user is logged into SSO for your intranet, they would also be auto-logged into embed."
If you add both the Host site and Yammer (https://.yammer.com & https://.assets-yammer.com) to the trusted zone in IE, it should pass the OAuth token after the first login and authorisation. I've tested this in IE8 and IE10 successfully.
Regards,
Chris
I am wanting to build an admin tool where I can "impersonate" users of my site, without having to lose my session as an admin.
I would like to be able to open an iframe that will view the website "as the user", without changing the state of the page that opened the iframe.
Is that possible? Is there a better way to do this?
It's possible, but there's a bit "but" :)
Just a couple options to start with:
Use URL-based session tokens (as Java Servlets do when you have cookies disabled)
Use different domains for "normal" site and admin interface
iframe itself won't help you much: it will always share its cookies with the browser. So in order to avoid that, you can use either of the above options—but that does not depend on the iframe.
What language? My answer is based on the assumption that PHP is your chosen language.
Firstly, I would say you have planned your application wrong if session impersonation is the only way you can view your site as another user while still keeping your admin login intact.
One way you could do it, and again this is assuming that you are using PHP as well as the default session management functions within and you do not have a custom session handler would be to load the iframe url with the ?PHPSESSID=sessionidhere parameter.
A better way to do this is to create your site and authenticate users via a user object of sorts and then add some sort of url parameter such as ?userbrowseid=123
Then when you load the page, your code will only check if the parameter exists if you are already logged in as an admin. The page would then overwrite your current user object with the user object of the user with the id 123. Steps should be taken to make sure your session cookies are not overwridden with the impersonated user object. As this would be in an iframe, your site will work as an admin and the iframe will be loaded as the user object.