I want to show CAPTCHA in login form of Shibboleth after X failed logins. How can I do it? I am using Shibboleth IdP 3.3.1.1 and there is no Internet access in production environment, so I can't use something like Google reCAPTCHA.
What you are looking for probably is local-offline captcha. Nothing to do with Shibboleth.
You can use Simple Captcha or Kaptcha or any other such library.
This answer may be useful.
Related
Guess we are all tired of login and password system and want to go passwordless.
I saw that the only solution to login without hassle is via SAML, well bad news you have to pay some SaaS apps like slack, miro, agile crm... to have access to SAML configurations.
I'm trying to build a website, like a portal where I have links to thoses website and I just click on them and I'm auto sign-in (SSO Dashboard).
I don't want to be dependent of in-browser remember password or any password keeper like bitwarden. I want to store all of my user pass in my database.
Any hints to do this ?
I already tried this solution : https://crunchify.com/automatic-html-login-using-post-method-autologin-a-website-on-double-click/ it doesn't work at all.
I'm using Testcafe to test a corporate web solution.
One of the ways we authenticate is Windows authentication.
If this type of authentication is enabled, on the page load, a native dialog appears and I have to type in user name and password and click Sign In, or Cancel.
I couldn't find an explanation or example of this in TestCafe.
Can anyone please help with this?
You can use the approach described in the HTTP Authentication topic for this purpose.
I'm using okta to sign-in to my react based web application. There is an edit action within the app that requires the user to re-enter his password. I've checked the docs and couldn't find anything similar. The closest I got to was the 're-authenticate' user part. However, that's only based on time. I want to achieve similar functionality based on an event(say, button click). Can I do this using refresh tokens? (I'm not clear about the whole idea of refresh token). Is there a workaround or a specific okta API that allows me to do this?
I have contacted Okta support and they advised me to use the Okta MFA factors(OTP to email/phone, Google Auth etc.) and not to prompt the user to enter a password.
MFA Factors API: https://developer.okta.com/docs/reference/api/factors/
I have a strange request for a project - we have a text file containing a list of login credentials for Dropbox for around 10 users. I have to validate their credentials automatically and notify the users if login fails with their credentials.
I've looked at the dropbox API, but that uses OAuth, which requires the user to manually fill in credentials, but that doesn't do the trick for me.
Is there a way for me to check if a bunch of logins? I've looked at the DropboxUpload repository on github, but it works fine for single user logins, but fails to achieve what I want when it comes to checking the same thing for multiple users.
Any help/leads on how I should go about proceeding with this would be greatly appreciated!
Many thanks,
John
You can use dropbox webpage to check user credentials doing normal login/logout but in an automated way.
To create a "bot" which will login and logout and check if credentials are correct you can use Selenium.
Selenium is a framework for testing web page ui but it can also be used to create automated checker/tester/bot for what you need.
It is also possible to setup selenium in a such way that it will use renderless browser engine so no browser will be visible during test/check. This also speeds up the process of testing.
I hope this will help you if you'll not find any better way and can be used as a final solution since it is not the best way to check credentials
I am trying to find a social login solution just like StackOverflow uses.
Currently, I am experimenting with OneAll Social Login which works great with the exception that my new users have to manually create their own accounts, wait for emails and then sign themselves into the site - I want that process to be handled automatically.
Can anyone suggest an alternative to Oneall which will allow my users to select their social networking login option and then be registered and signed in automatically on my site OR how I might extend Oneall to do it?
Thank you!
Facebook connect does exactly that for FB.