I have enabled IWA on WSO2 IS 5.0 and configured the browser for the same. Now when I try to access the SP through non-domain user , I get browser pop-up to enter the user credentials. Now when I cancel the prompt I get a Apache default error page for 401.
Is there any way wherein I can configure customize error page for the same? I tried to configure the error-page tag in D[WSO2_IS_HOME]\repository\conf\tomcat\web.xml but this doesn't work for me.
If I configure for an existing general error page like this
<error-page>
<error-code>401</error-code>
<location>test/generic-exception-response.jsp</location>
</error-page>
it displays the carbon login page and on encountering 401. On entering the login details here I get the configured error page
I'm sure some security setting is avoiding this to work as expected. Can anybody give me pointers to the solution?
Related
I have a question regarding SQL Server Reporting Services 2019:
We have received a HTTPS-certificate and added a URL for both Web Service and Web Portal. When we try to access either /Reports or /ReportServer on HTTP we can get through with no problem, but when we try to access on HTTPS then we are met with a logon dialog which will give three attempts at log on before displaying a white page. All attempts at entering a valid combination of user name and password returns a 401 error.
We've tried removing and reinserting all bindings for HTTP, HTTPS, SSL, changing logon mechanism in the config file to use Kerberos, NTLM or a combination of those but nothing works.
Does anyone what the source of this problem might be and how to solve it?
We figured out what the problem was. Authentication issues did not behave the same for HTTP and HTTPS. My test user wasn't a member of the correct user group. Once we gave it "System User" access then we could log in.
I just started to learn about Google Analytics Embed API from "https://developers.google.com/analytics/devguides/reporting/embed/v1/getting-started"
I followed their example, and deployed my HTML file onto local Tomcat server hosting at port 8080. I've added everything they mentioned including the whitelists for the host origin etc, provided my OAuth 2.0 key
when I hit my HTML page and logged in with google, I keep on getting 403 error when requesting for "https://content.googleapis.com/analytics/v3/management/accountSummaries?max-results=0&_src=embed-api%3Av1"
Anybody has any suggestions where I might have gone wrong?
p.s. the only thing I see on my page after login with Google is "You are logged in as: ***********#gmail.com"
Thanks,
Shen
Upon checking your link, I can see that the error code is 401. Regarding that error, you can check this SO thread.
I think you need to set up a service account as advised in answer.
By setting up a service account in Google apis console it will
allow you to access your own data with out needing to login and
autenticate the code all the time.
I have an OpenSearch provider that I am trying to integrate with Sharepoint (Online). This provider is protected by authentication.
Sharepoint supports Cookie or Form authentication for OpenSearch. When I give a url with login page and click Enter Credentials it shows my page, I enter my credentials and it shows popup asking if authentication was successful. I clicked yes and then it gives the following error:
"An error occurred when communicating with the remote server. This may be because the URL provided was malformed or the site might be unavailable or it could not be reached within the specified timeout or the proxy settings are not configured."
I have tried multiple sites, including for example google:
https://accounts.google.com/ServiceLogin?hl=fr&continue=https://www.google.fr/%3Fgfe_rd%3Dcr%26ei%3D9j-lVdXLMYXF8AesrK-4Dg%26gws_rd%3Dssl#identifier
Do you know if there are some required configuration on the site?
I am using version 5.1 of Pentaho DI (Kettle) and am having an issue with the "Rest Client" step. The step executes properly and successfully, but the result says I do not have permission to use the API. I have confirmed in another tool that I do have permission. I have entered my login information on the Authentication tab and have built my URL to include my token.
What am I missing?
ADDITIONAL INFO: I am having the same issue with the "HTTP Post" step. The status being returned from the API is 403.
403 is "Forbidden". Check that you have the correct credentials to access the webservice. The request went through and the server rejected sending the response because username/password are not correct or otherwise the user does not have permissions for that request. Can you see the response correctly in a browser when you enter EXACTLY the same credentials? To avoid active browser sessions masking the real issue I'd test it on incognito/private browsing mode on the browser.
I am using NTLM authentication with ldap.
When i click 'cancel' in the above popup, it gives 'Authorization required' message as below
I want it to redirect on a custom url on 'Cancel' click. How can i achieve it?
Cancel has the same effect as no authentication, so you're going to get a 401 error code for both Cancel and bad authorizations. In that case, you can set up custom URLs for error codes as described here. The custom error is virtual-host scoped if I recall correctly, so this will be shown for all authentication errors for that particular domain.
If you want to get more control of it, you have to prevent the authentication challenge from happening via http at the server level. This means bringing it down to the web application level where you need to make your pages check that authentication has properly occurred. If you're serving static web pages, this obviously won't work.