Is it entering same SAML session after POST request is made? - authentication

There is a URL in which a SAML request is hidden. While making the request, SAML authentication takes place. I would like to know: if I make the POST request to the hidden SAML URL with the same credentials as provided before, will this session be the same as the one in which I made the previous request?
PS: The machine, IPs and all are constant while making the requests.

Just like you open multiple tabs to access Google Docs, you would get multiple independent SAML sessions.
Each one would have a different session ID and a different Authentication Context.
For example, below are two SAML responses with the same AWS IdP-init SSO SAML authentication flow.
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
    Destination="https://signin.aws.amazon.com/saml"
    ID="_c5b2e49b9abcb559d5784487a2a4b419"
    IssueInstant="2019-03-04T00:27:36.738Z"
    Version="2.0">
  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://accounts.google.com/o/saml2?idpid=<idp_id></saml2:Issuer>
  <saml2p:Status>
    <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </saml2p:Status>
  <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
      ID="_1ad7cff1e3c1000a8f112a1a43f35457"
      IssueInstant="2019-03-04T00:27:36.738Z"
      Version="2.0">
    <saml2:Issuer>https://accounts.google.com/o/saml2?idpid=<idp_id></saml2:Issuer>

<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
    Destination="https://signin.aws.amazon.com/saml"
    ID="_1a68f45a31b8abfde9850907cd65c25b"
    IssueInstant="2019-03-04T00:28:27.362Z"
    Version="2.0">
  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">https://accounts.google.com/o/saml2?idpid=<idp_id></saml2:Issuer>
  <saml2p:Status>
    <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </saml2p:Status>
  <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
      ID="_f0b42fcf11de6279ffb1f890d50b57b2"
      IssueInstant="2019-03-04T00:28:27.362Z"
      Version="2.0">
    <saml2:Issuer>https://accounts.google.com/o/saml2?idpid=<idp_id></saml2:Issuer>
As you can see, the SAML Response ID is different between the two.
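The comparison made in the answer, as an added example that is not part of the original answer: it extracts the identifiers that distinguish one login event from another and goes one step further by showing how a service provider can tell a fresh assertion from a re-posted one. The XML is a constructed, well-formed stand-in for the truncated responses above (same IDs and timestamps, placeholder `idpid`), and `identify` and `AssertionLog` are hypothetical names.

```python
import xml.etree.ElementTree as ET

NS = {"p": "urn:oasis:names:tc:SAML:2.0:protocol",
      "a": "urn:oasis:names:tc:SAML:2.0:assertion"}

# Constructed, well-formed stand-ins for the two truncated responses above
# (same IDs and timestamps; the idpid value is a placeholder).
TEMPLATE = """<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
    xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
    Destination="https://signin.aws.amazon.com/saml" ID="{rid}" IssueInstant="{ts}" Version="2.0">
  <saml2:Issuer>https://accounts.google.com/o/saml2?idpid=IDP_ID_PLACEHOLDER</saml2:Issuer>
  <saml2:Assertion ID="{aid}" IssueInstant="{ts}" Version="2.0">
    <saml2:Issuer>https://accounts.google.com/o/saml2?idpid=IDP_ID_PLACEHOLDER</saml2:Issuer>
  </saml2:Assertion>
</saml2p:Response>"""
FIRST = TEMPLATE.format(rid="_c5b2e49b9abcb559d5784487a2a4b419",
                        aid="_1ad7cff1e3c1000a8f112a1a43f35457",
                        ts="2019-03-04T00:27:36.738Z")
SECOND = TEMPLATE.format(rid="_1a68f45a31b8abfde9850907cd65c25b",
                         aid="_f0b42fcf11de6279ffb1f890d50b57b2",
                         ts="2019-03-04T00:28:27.362Z")


def identify(xml_text):
    """Return the fields that distinguish one SAML login event from another."""
    # A real SP verifies the XML signature before trusting any of these fields.
    root = ET.fromstring(xml_text)
    assertion = root.find("a:Assertion", NS)
    if root.tag != "{%s}Response" % NS["p"] or assertion is None:
        raise ValueError("not a SAML 2.0 Response carrying an Assertion")
    return {"response_id": root.get("ID"),
            "assertion_id": assertion.get("ID"),
            "issue_instant": root.get("IssueInstant"),
            "issuer": root.findtext("a:Issuer", namespaces=NS).strip()}


class AssertionLog:
    """SP-side record of assertion IDs already turned into a session (hypothetical)."""
    def __init__(self):
        self.seen = {}

    def accept(self, xml_text):
        info = identify(xml_text)
        if info["assertion_id"] in self.seen:
            return "replayed"          # the same assertion was presented twice
        self.seen[info["assertion_id"]] = info["issue_instant"]
        return "new-session"           # fresh assertion, independent session
```

Authenticating again with the same credentials makes the IdP issue a new assertion, so it lands in the `new-session` branch; only posting a captured response again reaches `replayed`.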

Related

Sonos applink based authentication issue

Trying to add our Sonos service will show the "Authorize" screen for a fraction of a second before it goes away stating "account not found", before I even have time to put in an account. Below are the request for the applink and the response.
Is anything else required to make it remain on the authorize screen?
//request
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns="http://www.sonos.com/Services/1.1">
  <soapenv:Header>
    <ns:context>
    </ns:context>
    <ns:credentials>
    </ns:credentials>
  </soapenv:Header>
  <soapenv:Body>
    <ns:getAppLink>
      <ns:householdId>Sonos_ghsAflSonosakevCzmxcmFhN7pN</ns:householdId>
      <ns:hardware>iPhone8,2</ns:hardware>
      <ns:osVersion>Version 9.3.3 (Build 13G34)</ns:osVersion>
      <ns:sonosAppName>ICRU_iPhone8,2</ns:sonosAppName>
      <ns:callbackPath>sonos://x-callback-url/addAccount?state=sid%3D61703%26OAuthDeviceID%3DSonos_ghsAflSonosakevCzmxcmFhN7pN%26callbackPath%3D%2FaddAccount</ns:callbackPath>
    </ns:getAppLink>
  </soapenv:Body>
</soapenv:Envelope>
//response
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:tns="http://www.sonos.com/Services/1.1">
  <soap:Body>
    <getAppLinkResponse xmlns="http://www.sonos.com/Services/1.1">
      <getAppLinkResult>
        <authorizeAccount>
          <appUrlStringId>LAUNCH_APP</appUrlStringId>
          <deviceLink>
            <regUrl>https://ourserver.com/#/signin?callbackurl=sonos://x-callback-url/add…
            <linkCode>Sonos_ghsAflSonosakevCzmxcmFhN7pN</linkCode>
            <showLinkCode>false</showLinkCode>
          </deviceLink>
        </authorizeAccount>
      </getAppLinkResult>
    </getAppLinkResponse>
  </soap:Body>
</soap:Envelope>
The experience you are describing is what would happen if you are not properly returning the ‘NOT_LINKED_RETRY’ fault.
As described in the documentation, https://musicpartners.sonos.com/node/405 (search for polling), while your service waits for the user to manually log in through the browser, it should provide to the getDeviceAuthToken call the ‘NOT_LINKED_RETRY’ fault response for a few minutes. Details for this fault can be found here: https://musicpartners.sonos.com/node/292.

Softlayer Security Software Access Protection Logs

After ordering security software (McAfee Anti-virus), how can I get the anti-virus log and Access Protection Logs using the API?
This information may help you:
https://forums.softlayer.com/forum/softlayer-developer-network/implementations/83143-python-api-retrieve-the-view-access-protection-logs
https://forums.softlayer.com/forum/softlayer-developer-network/implementations/83114-get-mcafee-epolicy-orchestrator-version45-event
Currently the information that you want to display is available only using a SOAP request:
<soapenv:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:v3="http://api.service.softlayer.com/soap/v3/">
  <soapenv:Header>
    <authenticate xsi:type="v3:authenticate">
      <username xsi:type="xsd:string">?</username>
      <apiKey xsi:type="xsd:string">?</apiKey>
    </authenticate>
    <SoftLayer_Software_Component_AntivirusSpywareInitParameters xsi:type="v3:SoftLayer_Software_Component_AntivirusSpywareInitParameters">
      <id xsi:type="xsd:int">9510000</id>
    </SoftLayer_Software_Component_AntivirusSpywareInitParameters>
    <SoftLayer_ObjectMask xsi:type="v3:SoftLayer_ObjectMask">
      <mask xsi:type="xsd:string">?</mask>
    </SoftLayer_ObjectMask>
    <SoftLayer_Software_Component_AntivirusSpywareObjectFilter xsi:type="v3:SoftLayer_Software_Component_AntivirusSpywareObjectFilter"/>
    <SoftLayer_Software_Component_AntivirusSpywareObjectMask xsi:type="v3:SoftLayer_Software_Component_AntivirusSpywareObjectMask">
      <mask>
        <latestAntivirusEvents>
          <virusActionTaken/>
        </latestAntivirusEvents>
      </mask>
    </SoftLayer_Software_Component_AntivirusSpywareObjectMask>
  </soapenv:Header>
  <soapenv:Body>
    <v3:getObject soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"/>
  </soapenv:Body>
</soapenv:Envelope>
There is an issue related to this problem.

Application Cookies does not change

I am using WebLogic Server for my application.
I have configured cookies in the weblogic.xml file with the name TEST_COOKIE as below.
<?xml version='1.0' encoding='UTF-8'?>
<weblogic-web-app xmlns="http://www.bea.com/ns/weblogic/weblogic-web-app" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.bea.com/ns/weblogic/weblogic-web-app http://www.bea.com/ns/weblogic/weblogic-web-app/1.0/weblogic-web-app.xsd">
  <weblogic-version>10.3</weblogic-version>
  <session-descriptor>
    <persistent-store-type>replicated_if_clustered</persistent-store-type>
    <cookie-http-only>false</cookie-http-only>
    <cookie-name>TEST_COOKIE</cookie-name>
    <cookie-secure>true</cookie-secure>
    <url-rewriting-enabled>false</url-rewriting-enabled>
  </session-descriptor>
</weblogic-web-app>
I would like to know how the value of the cookie is generated by the server.
If you are using a single server, the value is:
JSESSIONID=SESSION_ID!PRIMARY_JVMID_HASH!CREATION_TIME
If you are using a cluster, the session failover information is included like this:
JSESSIONID=SESSION_ID!PRIMARY_JVMID_HASH!SECONDARY_JVM_HASH!CREATION_TIME

Getting Unmarshalling Error while using Google Adwords API

I'm making use of OAuth2 as the authentication mechanism to get the response for "add budget campaign" using a SOAP request. At the very beginning, when sending a SOAP request using cURL, I am facing the error given below:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Body>
    <soap:Fault>
      <faultcode>soap:Client</faultcode>
      <faultstring>
        Unmarshalling Error: cvc-complex-type.2.4.a: Invalid content was found starting with element 'biddingStrategy'. One of '{"https://adwords.google.com/api/adwords/cm/v201309":conversionOptimizerEligibility, "https://adwords.google.com/api/adwords/cm/v201309":adServingOptimizationStatus, "https://adwords.google.com/api/adwords/cm/v201309":frequencyCap, "https://adwords.google.com/api/adwords/cm/v201309":settings, "https://adwords.google.com/api/adwords/cm/v201309":networkSetting, "https://adwords.google.com/api/adwords/cm/v201309":biddingStrategyConfiguration, "https://adwords.google.com/api/adwords/cm/v201309":forwardCompatibilityMap}' is expected.
      </faultstring>
    </soap:Fault>
  </soap:Body>
</soap:Envelope>
I am sending the following XML/SOAP request using cURL, which is similar to the code given in the AdWords tutorial (https://developers.google.com/adwords/api/docs/guides/soap).
<?xml version="1.0" encoding="UTF-8"?>
<soap:Envelope
    xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns="https://adwords.google.com/api/adwords/cm/v201309">
  <soap:Header>
    <RequestHeader>
      <authToken>MYAUTHTOKEN</authToken>
      <userAgent>curl-tutorial</userAgent>
      <developerToken>MYDEVTOKEN</developerToken>
      <clientCustomerId>MYCUSTOMERID</clientCustomerId>
    </RequestHeader>
  </soap:Header>
  <soap:Body>
    <mutate>
      <operations>
        <operator>ADD</operator>
        <operand>
          <name>Test File</name>
          <budget>
            <period>DAILY</period>
            <amount>
              <microAmount>1000000000</microAmount>
            </amount>
            <deliveryMethod>STANDARD</deliveryMethod>
          </budget>
          <biddingStrategy
              xmlns:cm="https://adwords.google.com/api/adwords/cm/v201309"
              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xsi:type="cm:ManualCPC"/>
          <settings
              xmlns:cm="https://adwords.google.com/api/adwords/cm/v201309"
              xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xsi:type="cm:KeywordMatchSetting">
            <cm:optIn>false</cm:optIn>
          </settings>
        </operand>
      </operations>
    </mutate>
  </soap:Body>
</soap:Envelope>
I used the above XML/SOAP request in my cURL request as:
curl --header "Content-Type: application/soap+xml" \
  --data @test.xml https://adwords.google.com/api/adwords/cm/v201309/CampaignService
I have searched the internet for the same issue I'm facing, but nowhere could I find the solution. Please let me know if I'm doing anything wrong, or let me know if there is any other way out.
Campaigns don't have biddingStrategies. They have biddingStrategyConfigurations. Take a look at the reference: https://developers.google.com/adwords/api/docs/reference/v201309/CampaignService.Campaign

SharePoint search service returns SERVER_ERROR (SQLException)

I have a simple WCF webservice client that sends a request to Microsoft Search Server (included with SharePoint 2007) on /more/_vti_bin/search.asmx
The request is sent
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<Query xmlns="urn:Microsoft.Search">
<queryXml><QueryPacket xmlns="urn:Microsoft.Search.Query" Revision="1000"> <Query> <Context> <QueryText language="fr-FR" type="STRING">foo bar</QueryText></Context> </Query> </QueryPacket> </queryXml>
</Query></s:Body></s:Envelope>
But the response shows a SQLException error
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<QueryResponse xmlns="urn:Microsoft.Search">
<QueryResult><ResponsePacket xmlns="urn:Microsoft.Search.Response"><Response domain=""><Status>ERROR_SERVER</Status><DebugErrorMessage>System.Data.SqlClient.SqlException</DebugErrorMessage></Response></ResponsePacket></QueryResult>
</QueryResponse></soap:Body></soap:Envelope>
It states there's been a SQL exception; could you check on your SQL machine if any errors occurred?
There is a problem with your request. Test your search service using this tool.
After some further analysis, I have understood that the problem lies in the fact that the SOAP query does not start with an XML declaration.
<?xml version="1.0"?>
This is perfectly possible and respectful of standards, but SharePoint doesn't like that.
The question becomes: how to force the WCF client to start with an XML declaration?