When i try to check if user is valid or not (using username and password) using the web service function
'core_auth_confirm_user' then it says 'User confirmation is not enabled on this site' with errorcode
'confirmationnotenabled'. If anyone knows to fix this, then please help.
Thanks!
Logged in your Moodle as an admin, go to admin/search.php and search for the setting registerauth. Get sure the setting has a value set other than Disable. For example, you can set it as Email-based self-registration, in this case the auth plugin that will handle the confirmation would be auth_email. It is also possible that this error may arise if you have somehow selected other auth plugin and that plugin does not implement the can_confirm() as returning true in its auth.php config file, but this is very unlikely IMO.
Related
I am working om using Auth0 has authentication for services. I have the following problem. I have created a user but when I try to make a request with that user I get the following error.
Authorization server not configured with default connection
I have researched this and found I need to Configure the tenant
The Resource Owner Password Flow relies on a connection that is capable of authenticating users by username and password, so you must set the default connection for the tenant.
Go to Auth0 Dashboard > Tenant Settings, and scroll down to locate the Default Directory setting.
Enter the name of the connection you would like to use. Make sure it is capable of authenticating users by username and password.
But I have on idea what they mean by Default Directory. Is that the name of the Auth0 application I generated, since that is the service, that is supposed to authenticate users by username and password.
I have generated a SpringBoot app from the auth0 console. is that what they mean by connection.
Follow these steps.
Navigate to your dashboard - manage.auth0.com/dashboard
On the left menu, click on Setting
Scroll down to "API Authorization Settings"
Enter Username-Password-Authentication in the "Default Directory" input
Hit save - It typically takes about 30secs for changes to take effect
In Default Directory put Username-Password-Authentication
My auth0 was configured with a custom database, and when I was trying to get tokens using the Resource Owner Password API, I had the same issue Authorization server not configured with default connection .
The solution to this issue was:
Set the grant_type to http://auth0.com/oauth/grant-type/password-realm
Set the realm to the name of the custom database
For anyone else stumbling upon this question, you can also use the Realm property to define a specific Database connection instead of setting up a default one.
I'm trying to access Activiti Explorer from my Liferay portlet. My idea would be to bypass the Activiti login by adding username and password to the URL.
Something like:
Vedi Grafico
Disabling the login function would be good too, but I don't think it can be done. Does anyone have any ideas on how to best proceed?
Thank you!
It is not a good idea put the user and the password in a hiperlink. But if you have clear ideas, the best way for do this is ParameterAutologin.
Ensure that you have active this hook in your portal-ext.properties, if that is not the case you should add the ParameterAutoLogin and reboot the portal:
auto.login.hooks=com.liferay.portal.security.auth.ParameterAutoLogin
then if your portal login is by screenname you put this url:
http://localhost:8082/path¶meterAutoLoginLogin=test¶meterAutoLoginPassword=test
If your portal login is by email you put this url:
http://localhost:8082/path¶meterAutoLoginLogin=test#domain.com¶meterAutoLoginPassword=test
This works with all the urls of your portal. No matters the path.
I've just installed Testlink and am trying to get familiar with it.
I've even managed to configure authentication using LDAP (Microsoft AD).
But strangely, as soon as I set LDAP as default authentication method, my local test users cannot log on anymore.
If I change back to DB authentication as default auth method, my LDAP users cannot log in anymore.
I've the following set in the configuration file:
$tlCfg->authentication['domain'] = array('DB','LDAP');
$tlCfg->authentication['method'] = 'LDAP';
It seems as if both authentication modes are enabled and LDAP is used as the default.
When editing the user settings of a user, I have a dropdown box named "Authentication method"
It has three entries. One is "Default", the other is "0" and the third is "1".
This led me to the assumption, that I can select the type of authentication used for this account.
But strangely, regardless of which option I choose, the behavior is identical to what I mentioned above.
Is anyone experienced in Testlink?
Does anyone use two authentication modes in parallel with Testlink?
Did anyone see the same issue before? What did you do to solve this issue?
Thanks for your help in advance!
Best regards,
Tom
You can use testlink DB authentication as well as LDAP authentication. You have to set this option when you create user
Dropdown box named "Authentication method" has three entries. One is "Default (LDAP)", the other is "DB" and the third is "LDAP". If you see different options then something is messed up with your TestLink installation. I'm using v1.9.14 on MySQL.
Experts,
I have to implement authentication mechanism same as how author instance works. For example, if any user request for any page http:somehost:someport/content/geometrixx/en.html then system should open the page http:somehost:someport/content/geometrixx/en/toolbar/account/login.html and only after successful login sling should redirect to required page.
I looked into Login Selector Authentication Handler and Sling Authentication Service but it seems there is no configuration here. Could you please let me know your thoughts on how to proceed on this? How it will be possible without CUG and how similer mechanism works in Author instance?
Goto http:somehost:someport/useradmin search for anonymous user. click on the anonymous user -> click on permission tab -> remove the read permission on the path that shouldn't be accessible to anonymous users.
If you just want to redirect to the login page if the user is unauthenticated then you will have to do 2 things.
1. Go to /system/console and navigate to the Configuration. Select "Apache Sling Authentication Service". Disable Anonymous access.
2. Go to /libs/cq/security/config.publish/LoginSelectorHandler - Change the login page to the page you want.
i'm implementing a form based authentication for my web application.
i created some users in the JDBCrealm on TomEE server and allow only particular users to access the protected jsf pages.
Now authentication works perfectly and if there is a username password mismatch it is redirected to the error page.
the problem i'm facing here is, if i try to login with the user already available in the JDBCrealm who is not authorised to access the protected the page im getting 403 error.
When I come back and try again get to protected pages i can't again login. Is it because information about my login is remembered in session and I have to invalidate session?
Even if I don't login ?
EDIT:
i ask about at forum: http://openejb.979440.n4.nabble.com/Bug-in-security-TomEE-td4665009.html
and i think its the best answer for my question
instead of trying to implement this yourself take a look to something like spring security, it provides most of the options you will need and if you need to extend it is easy as well