I have new system that ive been created using yii2. i want the existing system(using yii) able to send session into the new system(yii2). which means the new system will not ask for login if user already login in the existing system
Related
I am using the GSuite Admin SDK, Directory API (https://developers.google.com/admin-sdk/directory/v1/guides/manage-users) to add and list users,
After adding a new user (using this endpoint: https://www.googleapis.com/admin/directory/v1/users) I try and check if that user exists in the user list or not (using this endpoint: https://www.googleapis.com/admin/directory/v1/users?customer=my_customer).
Every time I do these steps I could not find the newly created users, there seems to be a problem with synchronization.
Is there any solution for this without changing the access token?
thnx for the help.
I'm using IdentityServer4 and whenever the user login for the first time the application shows consent screen for the scopes of an application to the user which is expected. If the user clicks "yes" and click on remember option the application is not showing the consent screen when the user login for second time onwards which is also expected. Here the problem I'm facing is whenever I restart the IdentityServer (or when I do the deployment) the user consent information is not persisting and it is showing the consent screen again for the user. Can anyone help me to know Is there any way to store the user consent information into DataBase or how can we know where the information is being stored when the application is in running. I did some debugging but couldn't find it. Thanks in advance.
Add reference IdentityServer4.EntityFramework.Storage nuget package to identity server 4 project, Then in startup.cs
service.AddIdentityServer((options) => {})
.AddPersistedGrantStore<PersistedGrantStore>()
// Add other services.
The PersistedGrantStore requires PersistedGrantDbContext uses EntityFramework and requires the DbContext to be configured (same way you configure other EntityFramework DbContext). For example to use SQL Server
services.AddDbContext<PersistedGrantDbContext>(options =>
options.UseSqlServer(connectionString));
You can use dotnet-ef command tool to create and initialize the tables in the database.
You can also have your own implementation of IPersistedGrantStore service.
Last year I started using asp.net core MVC.
I used to make a security system using role and permissions based like:
When the application is first deployed into production, the application creates a default admin
role and admin user. This user has full application access.
This user can create a new roles and give access permission to a new role (including creating new role and user permissions) and assign it to the new user.
reference for this type of security system:
I read Microsoft documentation
And there everything is in hardcoded string .
How can I implement this in asp.net core2.x with EF Core for DB access?
(If possible provide some detail explanation links)
For an Example: Admin user Create Role 'PurchaseManager' and give access to this URL example.com/Product [Get/POST/PUT/DELETE] etc. all. after Admin user Create another Role 'StoreManager' and give access to this URL example.com/Product [Get Only]
this process will be done in production.
I have a MVC application using Forms Authentication that allows users to log in as sub accounts. To accomplish this we do the following
FormsAuthentication.SignOut();
FormsAuthentication.SetAuthCookie(newMember.UserName, true);
//Set new session variables
I then redirect to a new page. The new page loads properly, with all user session specific data. However, when I attempt to navigate to another page as this user, it appears my session is gone.
This only happens in IE.
I have seen a issues similar to this, suggesting that the version of .net is not able to find the cookie store for IE browsers. However the user already has a session and only has a problem when they login as a new user.
Any thoughts?
I'm very new to liferay and am creating a hook on the login.events.pre event. My users will be signing in to the website by using their phone number, so I have to do some validations on the status of their phone line before letting liferay create a session for the user. I've already created the portlet and am able to execute some java code before letting liferay take care of the login validation, but I'm not sure how to stop the whole process if my validation fails. In other words, if I find out that the users phone line is suspended, I don't want liferay to allow them to sign in, even if the right login info has been provided by the user. Is it possible to do this in the login.events.pre event in liferay?
In this case you can invalidate the Session and redirect it to some customized error page in your hook.
Below piece of code might be helpful.
//Below code to get the current session
HttpSession session = null;
session=request.getSession(false);
//Below code to invalidate the session and to redirect to your customized error page
session.invalidate();
response.sendRedirect("/errorPage.html");