I am trying register a user in my keyrock installed on my own computer.
I put localhost:8000/ in firefox, and it redirects me to fiwareLab. But when I want to sing up a user, everything is ok, but then, when I guess that I have to confirm the account, the page show me "Activation key invalid" and in my console, the computer show me
enter image description here
So, I think that I have to enable the two factor authentication, but I don't know.
Could you help me, please?
Thank you so much.
To create a new user, you have to do the following steps:
In the IdM Horizon login screen, instead of put username, password and click sign in, just click on Sign up link or use idm_ip:8000/sign_up/ directly on your browser. After that, type information about the new user (username, email and password), check the I accept FIWARE... box and click Sign Up button.
Now, out of the container, see the log through:
docker logs <container_name>
There, you will see, in the last lines of the log, the activation link that was supposed to be sent to the new user's email. Copy it, paste on your browser and modify the fiware-lab host on the url specifying your IdM Keyrock address. This way, your new user will be activated through the passed code.
I hope this can help you.
Related
In the terminal I executed this command:
amplify pull --appId d2nb7sae2nlt33 --envName staging
which gave me this response in the termina:
Opening link: https://us-east-1.admin.amplifyapp.com/admin/d2nb7sae2nlt33/staging/verify/
Continue in browser to log in…
In the browser, I'm asked to enter a username and password. I enter my aws root username and password, and I'm told they're incorrect. That username/password works everywhere else in AWS.
Am I supposed to set up some other user name/password for AWS Amplify?
The answer in my case was:
1 You should be clear about which backend you are using. If you have two backends, then d2nb7sae2nlt33 above may not refer to the backend where you have set up your credentials, and
No, the root user is not what you need to enter. The app needs to have an admin user set up. You set it up with a user, which sends an invite to an email, and you respond with a temp password, then set it up with a real password.
go to https://console.aws.amazon.co/amplify (there may be more, like the region, but that's the general idea)
then from the side menu go to Admin UI management under App Settings.
then Invite Users, big orange button in Access Control Settings.
This should get you on your way.
I work under Odoo11 with the Python3 language.
When the person goes to a web page, I want them to automatically connect without going through an authentication page. Is that possible? And if so, by what means? Controllers, url to change?
I don't have any code to suggest, because I don't know where to start.
Thanks for your understanding and thanks for your help!
EDIT :
I have a list on the Odoo website visible to only one user.
If I sign in with another internal user, I don't see this list.
There are several people who need to access this list. The url in question will be given only to these people.
I just want to avoid them an authentication page. It is a request made by our hierarchy.
My idea was to call a function "to disconnect" from Odoo (in case they have an open session) then pass the connection parameters (hard for example) with the username and password but only for a url.
My use_case I will say,
Url access -> Disconnect Session -> Connect Odoo session with username and password with parameters in my controller -> redirection to this url
Thank you
I am using Keycloak and I want to enable Forgot password flow. I have enabled Forgot password in login and configured SMTP to send email.
What I get out of the box from keycloak is the following
-> Click on Forgot password link -> Enter username or email -> User receives an Email with reset link -> Click on the link -> Reset password, then submit -> User is logged in then The user is redirected to account page.
What I want to acheive is the following
-> Click on Forgot password link -> Enter username or email -> User receives an Email with reset link -> Click on the link -> Reset password, then submit -> Display a message saying "Your password has been updated." and do not login the user. stay on that page.
The reason for this is, for my use-case, the user shouldn't access the account page on Keycloak.
In the authentication flow of reset credentials, I can only configure up to reset credentials.
Is there any way I can disable this action of logging in the user automatically after password reset, then redirecting to account page?
I have looked into several questions, but I cannot find an answer on how this can be achieved.
PS: I am using Keycloak docker image with a custom theme. If this can be configured using custom theme options, I have the chance to do it.
Thank you in advance.
Go to your keaycloak admin console, Authentication and desable "Update Profile"
Hopo it helps :)
We faced similar issue during keycloak usage and solved it via implementing custom Action Token and Action token handler (docs). Also check out original keycloak reset credentials action token sources:
ActionToken
ActionTokenHandler
Try to play around AbstractActionTokenHander.startFreshAuthenticationSession() there several attributes that define Keycloak behaviour during reset flow like:
authSession.setRedirectUri(token.getNote(OIDCLoginProtocol.REDIRECT_URI_PARAM));
authSession.setAuthNote(AuthenticationManager.END_AFTER_REQUIRED_ACTIONS, "true");
authSession.setAuthNote(AuthenticationManager.SET_REDIRECT_URI_AFTER_REQUIRED_ACTIONS, "true");
authSession.setAuthNote(AuthenticationManager.END_AFTER_REQUIRED_ACTIONS, "true");
If you're using your own client for the login page, the specified redirect, or the client default (Base URL) will direct where the user is sent after the password reset.
We did see that when using an admin-directed password reset, this behavior would occur (user sent to Keycloak account page). So, we simply adjusted the Base URL value for the account client so that it points to the home page of our primarily application.
Then, after the account client is used to reset the password, the default redirect is to our home page.
i want an automaticalle login in my services when the user is already logged in into cas.
At the moment i must click the login button in every service manually to login.
My goal is when i'am logged in into cas and i join for example my jenkins service my user logged in automatically without clicking the log in button.
Can someone help me?
If you're using something like Spring Security or similar to manage it, then it can do it automatically for you. But since you seems to be making a Single Page Application(as you've said that you're needing a loggin button), and by going with that assuption, you'd need to have that login anyways. Except of course if you've set a script to check if there's a valid cookie already. More details appreciated(sorry, can't just comment)
Now, I am trying to use Collabnet Subversion Edge authentication with Active Directory. At that, I found a problem.
Some user in AD can enter into Collabnet and some are not. Actually, all user in my AD server are created by script. So, all configuration except username and password are equal. But some cannot enter into Collabnet. So, I check the collabnet log. It shows "Password Mismatch" error for all invalid user. But we type the right password.
And then we test by changing account password. No changes. Then, I created a new account and log-in into Collabnet. It is OK. I don't know what should do.
Summary, In my authentication with AD, Newly Created user can log-in into Collabnet, Old User who success first time can also log-in and some user are always "Password Mismatch" even I type right password. I tried every possible way what I think, but It is not work.
Anyone faced like this one? Someone Help me. Thanks.