HTTPS generates back-end issues - ssl

One of my old website is running TYPO3 v4.5.
I bought a SSL certificate and my sys admin installed it on the server.
the front-end is running well on https
tha back-end login form runs weird : one time my login/password are ok, but sometimes it doesn't allow me to enter the back-end.
It is totally random and in Firebug, I have no clue in the console or in the network tab to help me. Same behavior for Chrome, FF or IE.
I tried a lot of parameters :
[BE]LockSSL = 1
[SYS][reverseProxyIP] with " ... "
[SYS][reverseProxySSL] with " * "
[SYS][cookieSecure] = 1
I event tried a lot of different combinations, with no success.
Please notice that I also get a TYPO3 6.2 website and those parameters work perfectly on it. I guess that I am missing somthing for v4.5 ?

Check the BE cookieDomain configuration!

Related

Postman still sends to old sever although I updated its' variable

Postman still sends to old sever although I updated its' variable. It works correctly on the web app. I've changed the server & linked the new server with the same sub-domain and deployed the same old app.
The windows app
The web app - works fine and it responds as it should
I changed the variable of the URL
I tried to create a new environment - didn't work
I tried to remove the entire workspace - didn't work
I un/re-installed the app - didn't work either
Is there a cache in the app itself or something to clear it to get the new value?
appreciate your help. T^T
An example to clarify my issue:
I have a subdomain: backend.mydomain.com
I've linked my server IP 152.50.133.60
so backend.mydomain.com points to -> 152.50.133.60
I made backend.mydomain.com free again to use it on a different server
Now I linked my new server IP 163.33.80.92
Now my backend.mydomain.com points to -> 163.33.80.92 & it works fine on (the postman web app & chrome)
When I try from PC app it still has the old value as in console pic
It worked after:
Signed Out.
Made a request not signed in.
Signed in again, then made a request it worked.
No clue why though!

"CAS Authentication Wanted!" Laravel 5.5

I am using subfission/cas "dev-master" branch with Laravel 5.5, PHP 7.0.27 with phpCAS 1.3.5. I have two servers (test and prod) with identical Laravel installations. However, when I go to log in via CAS, one server redirects to the appropriate login screen, while another gives me a white screen with:
CAS Authentication wanted!
You should already have been redirected to the CAS server. Click here
to continue. phpCAS 1.3.5 using server https://example.com/cas/
(CAS 2.0)
Clicking on "click here" sends me where I need to go, but I'm very confused as to how this error occurs or even what it means. There doesn't seem to be much documentation on this
I just had the same problem. Worked fine on local dev, but failed when I went to production. I downgraded to ~2.0.9 and it fixed the issue. (I'm using Laravel 5.4)

Missing configuration for the issuer of security tokens error

I inherited an existing project without its development environment. I have UAT code and a backup of the Production database. I can run up the site locally via Visual Studio but have hit an authentication problem trying to setup a fresh standalone DEV server on AWS (single server, no load balancer). The doco indicates the Prod server is a dual server setup with a load balancer.
The front end site pages do display, although some search is not working. On trying to log into the backend pages, Chrome returns "The xxx page isn't working. xxx redirected you too many times." Using developer tools, I can see the page redirects back and forth between SWT?realm=... and sitefinity?wrap_defalted=true&wrap_access_token... On the second redirect response header there is "X-Authentication-Error:Missing configuration for the issuer of security tokens 'https://xxx/Sitefinity/Authenticate/SWT' "
I tried different values in the web.config lines:
<federatedAuthentication>
<wsFederation passiveRedirectEnabled="true" issuer="http://localhost" realm="http://localhost" requireHttps="true"/>
<cookieHandler requireSsl="false"/>
</federatedAuthentication>
but that actually made things worse so I have reverted.
I checked all the settings mentioned in http://docs.sitefinity.com/administration-switch-to-claims-based-authentication and they seem to be set correctly. I don't really know what else I can check to get this working.
I found http://docs.sitefinity.com/administration-configure-security, but it does not seem like these settings are set (I don't have access to Prod server so can't confirm if it is actually setup with load balancing). I am currently using a 30 day trial license so am not sure if this is contributing to the problem. The official license is in the process of being transferred by the client. The domain name associated with the official license would be different to the domain my new server is currently running on.
I am also running version 8 code on a version 9 install of Sitefinity. I wanted to get it working before I tried to upgrade the code. I think there was also an assembly load to manifest mismatch when I tried upgrading my local version.
Found the solution: Don't mess with the SecurityConfig.config file.
<securityTokenIssuers>
<add key="B886AA7BFB5515BA63F577A44BBEB5C7AE674035514D128BC397346B11F4C97A" encoding="Hexadecimal" membershipProvider="Default" realm="http://localhost" />
</securityTokenIssuers>
<relyingParties>
<add key="B886AA7BFB5515BA63F577A44BBEB5C7AE674035514D128BC397346B11F4C97A" encoding="Hexadecimal" realm="http://localhost" />
</relyingParties>
Even though it is running on a server, the above lines should still point to localhost. It seems like these only need to be edited if you have a multi-server setup with an entirely separate STS.
I initially changed it to match the new domain name, but after some experimentation around adding localhost and HTTP variations, it seems like it works best with just localhost.
Even when I changed the web.config entry above to use the new domain as the issuer instead of localhost and the SecureConfig.config to specify only the new domain as the realms, it didn't seem to work. I guess the authentication must try to hit localhost specifically.

cannot connect to genymotion and getting proxy error

I have dowloaded latest version of genymotion with proxy server 2.2.2 and while connecting i am getting invalid reply from server (do you use a proxy?). I am not using proxy for sure. Any ideas?
Answer, its all about the http proxy server on the genymotion settings just UNCHECK on the genymotion setting or remover the http proxy server by UN-ticking the ability to enter HTTP PROXY and PORT let it be blank by unckecking hence login your credentials, if it doesn't work try confirming you email with genymotion.
In my case I went to Settings > Network > I checked "Use HTTP Proxy" and I filled the Http Proxy and port fields (with company proxy valid values).
After that I connect smoothly as silk.
I had the same problem in ubuntu and after some struggle when i was almost giving up i stop the docker (had one instance running in port 3337 in my PC) and for my surprise it's finally work.
I had a similar issue (invalid reply from server without Proxy, on a highly customized and quite broken ubuntu 16.04). nothing of the above helped. (seemingly)
Then I visited this site:
http://qaru.site/questions/835901/genymotion-stuck-on-splash-screen
(well, you have to let google translate it, if you are not russian)
the error described there is completely different. (computer crash resulting in different networking issues)
but it had one thing in common with my case:
everything worked fine, and then suddenly: SOME NETWORKING ERROR - without reason
well, for me, the solution was the same as described on the russian page:
removing a (corrupted?!) conf file.
the conf file was at (my home folder)/.config/Genymobile/Genymotion.conf
i deleted it (i had to do it with root, because the file was owned by root, but this might have been the case because i messed a bit with genymotion...)
Then, i restarted genymotion and logged in again and it worked like a charm.
I had to allow Genymtion.exe in windows firewall. I'm using v3
Had the same problem, managed it using a VPN.

Glimpse output not appearing on MVC 4

I have been through all the instructions and FAQ's regarding how to get glimpse to work.
I am however running MVC 4....
I have installed the Glimpse.MVC package as well as straight Glimpse.
It all configures just fine. I even added my own IP to the config.
On the client, under Chrome I can run Glimpse.AXD and it informs me that Glimpse is on.
In the associated "Config Settings: it shows:
•On = True
•Allowed IP's =
1.127.0.0.1
2.::1
3.192.168.97.180
•Allowed ContentType's =
1.text/html
2.application/json
•Blacklisted Plugins =
Under "Your Settings" it shows:
•IP = ::1
•glimpseState = On
I note that this last list shows an IPV6 address (::1) but I don't know if this is incorrect or how to change it if it is wrong.
So the first question is "what is the difference between "config settings" and "Your Settings"
Same result in IE 9.
Second and real question is: Why do I get no Glimpse output when everything seems to be configured properly?
Support for MVC4 has recently been announced for Glimpse, you can download it from NuGet.
If you use the version linked to (1.1), you should have no problems.
I had similar problem where glimpse wasn't appearing after installing through nuget.
In my case I forgot to enable glimpse for the first time after installing it.
To resolve this, goto http://applicationpath/Glimpse.axd and you will see a big button to enable glimpse which will just set cookie on the client. Refresh the screen and Glimpse appeared.
Have you tried clicking?
If you application is services only the GUI will not show.