How to redirect to homepage from /api/login url as it has predefined response in spring security rest plugin 1.5.4 in grails ?
You can override the default spring security login end point as below,
open Config.groovy file and add the following line in that file,
//spring security rest login end point
grails.plugin.springsecurity.rest.login.endpointUrl = "/PATH_TO_HOME_PAGE"
Restart your grails application after change.
Related
I want to deploy an webapp for internal use only. This webapp is firing POST requests to other internal services. The problem is that the services are not running with TLS. The deployed webapp on Cloud Run has HTTPS activated by default. Therefore I can not launch any HTTP POST request to the services.
Any idea how I can deploy the app without TLS/HTTPS active?
Code snippet:
console.log('Starting Import: ' + this.urlString)
const xmlHttp = new XMLHttpRequest()
xmlHttp.open('POST', this.urlString, true)
xmlHttp.send(null)
console.log(xmlHttp.responseText)
Log:
Starting Import: https://34.95.76.221/importer/start/CATALOG001?file=test.xml
Chrome console error:
Importer-Controls.vue:103 POST https://34.95.76.221/importer/start/CATALOG001?file=test.xml net::ERR_CONNECTION_CLOSED
You are trying to make an insecure request from a secure context. You either need to enable SSL for your "internal services" or you need to build a service that proxies the request from HTTPS->HTTP.
For example, you could make a simple Cloud Run app that wraps the HTTP request and performs it on the backend instead of on the frontend. Then your frontend could make an HTTPS request to the proxy.
I recently built a Vue.js application with Okta authentication. I am attempting to deploy this application on Netlify. After setting up a new project in Netlify, I imported the Vue.js application into the Netlify project from GitHub. I reconfigured the router in the application so that redirect_uri in the Okta initializer reflects the new Netlify URL:
import Auth from "#okta/okta-vue";
Vue.use(Auth, {
issuer: "https://xxx-xxxxxx.okta.com/oauth2/default",
client_id: "xxxxxxxxxxxxxxxxxxxx",
redirect_uri: "https://xxxxxxxxx-xxxx-xxxxxx.netlify.com/implicit/callback",
scope: "openid profile email"
});
After deploying the application and clicking the login button, I should be redirected to the default Okta login page. However, I am instead redirected to a page that says "page not found: Looks like you've followed a broken link or entered a URL that doesn't exist on this site."
I even made sure to whitelist that URL in my Okta dashboard. Any idea why Netlify doesn't recognize the new redirect_uri? Thanks!
Since you're deploying a SPA, you need to route all routes to your index.html and let Vue handle them.
According to this article, you need to add a _redirects file to your publish directory with the following line to take advantage of browser history pushstate:
/* /index.html 200
For more info, see Netlify's docs.
I solved the CORS issue. In the Okta Dashboard, I added the redirecting URL as an original URL under API > Trusted Origins. I selected Add Origin to specify the base URL of the website, then selected CORS. See : https://support.okta.com/help/s/article/CORS-error-when-accessing-Okta-APIs-from-front-end
I tried to sign in to Auth0 with the new package (https://github.com/auth0/auth0-spa-js).
Attempt 1: I did try a best practice that uses cy.request() but seem like new the auth0-spa-js package now requires a random state string (which I don't have and it was generated from loginWithRedirect function) in the request URL. So I can not call sign in API of Auth0
Attempt 2: I set "chromeWebSecurity": false, I click sign in button -> my web is redirected to Auth0 page, the URL is load correctly but Auth0 refused to display 'auth0 url' in a frame because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
Does you guy have any solution for this situation?
For now, this is the workaround solution of me.
Disable chrome security in Cypress config.
Login through the auth0 page (we will redirect to log-in page and log out due to the fact that I cannot generate the random state in the new auth0 package: auth0-spa-js)
Note: If you’re not custom login page in auth0, use the classic page in Universal Login. I found that the new UI of Auth0 login page has a lot of security enhance that prevents us render auth0 in an iframe. (like image below)
Auth0 seting
Then, Go to Auth0 -> Tenant Setting -> Advanced -> Enable Clickjacking Protection to allow auth0 load in an iframe.
Enalbe Clickjacking
Ok, that all the step that I did to make it work. Hope this help you
What is the best way to customize ADFS to use a specific, configurable home realm if one was not provided?
My current method is to perform an HTTP redirect from the ADFS WebForms aspx file, but that seems a bit hackish.
I don't want my Relying Parties to be concerned with the home realms.
I think that a good approach would be to add a few lines within the ADFS HomeRealmDiscovery page in order to read the "DefaultHomeRealm" setting from the ADFS web.config file.
Steps
Go to C:\inetpub\adfs\ls
Open the HomeRealmDiscovery.aspx.cs
In the Page_Init method, add something like:
if (ConfigurationManager.AppSettings["DefaultHomeRealm"] != null)
{
SelectHomeRealm(ConfigurationManager.AppSettings["DefaultHomeRealm"]);
}
Open the web.config file
On the appSettings section, add:
add key="DefaultHomeRealm" value="Default ADFS Federation Service Identifier"
Do not forget to replace the service URI that you want to be defaulted.
For more information you can check:
SelectHomeRealm method
ADFS pages customization
I have successfully used this approach.
I hope it helps :)
Seba
Have a look at:
Windows Identity Foundation (WIF): How to Utilize the WS-Federation WHR Parameter to Bypass Home Realm Discovery (HRD).
The WS-Federation passive WHR parameter is used to bypass home realm discovery (HRD)
I'm developing a web application with GlassFish 3.1 and JSF 2.0 / EJB 3.1. Some of my pages are secured. The secured URL-Parts are defined in the web.xml as URL-patterns. These pages are secured through a security-realm which redirects to a login page also defined in the web.xml as login.xhtml. On the login.xhtml my inputfields for username and password are connected to a session scoped backing bean which executes:
ExternalContext ec = getExternalContext();
HttpServletRequest request = getHttpServletRequest(ec);
request.login(username, password);
The EJB container is responsible for redirecting all incoming requests to secured areas with an invalid session to this page.
But, for example the user is bookmarking the page index.xhtml and was requesting this page. First he has to login over login.xhtml. He authenticates himself by typing his username+password and clicking the submit button.
The problem is: How to determine the target adress, in this case index.html?
The method request.getRequestURI() shows login.xhtml and not index.html. I can redirect always to index.xhtml, but what if the user has typed in xyz.xhtml? Is there any way?
Thanks
Adem
The original request information are stored in the request object with the following keys:
"javax.servlet.forward.request_uri"
"javax.servlet.forward.query_string"