I am trying to create some xsodata services using SAP Hana XS Engine. I have created a .xsaccess file at global folder level which has the following content:
{
"exposed": true,
"authentication" : null
}
I have a services folder inside my parent folder where I have created a test service. The content of the service is
service namespace "example.services" {
"TESTUSER1"."testdb" as "testdb";
}
But when I hit this url: /example/services/example.xsodata/testdb I get a 403 error. To verify if my .xsaccess if working fine, I created a dummy html file in the same folder as example.xsodata service. If I hit that link, it works fine and does not ask me any authentication.
To extend it further, I added .xsaccess file in services folder and added the same content as that mentioned above. It still gives 403 error to my example.xsodata service. To try this even further, I made the services/.xsaccess to have this content
{
"exposed": true,
"authentication" : [{"method":"Basic"}]
}
This prompted me for username/password and when i entered the values, it showed me the correct data as I expected.
I am utterly confused here because I want to make the services without authentication (for which i set authentication as null) and it is not working.
Please help me understand what am I missing here. Any help is really appreciable.
Answering my own question. Please follow this link from sap community network to get answer: http://scn.sap.com/thread/3496997
Related
I don't think this issue is specific to PyDrive, but rather Google OAuth. However, some of the solutions I've seen on stackoverflow don't seem to be transferable over to my PyDrive application, which is just a python script to upload files programmatically to a shared drive. It worked fine 2 months ago but I tried to rerun it today and it's not working. Here is the error I'm getting:
Authorisation Error
Error 400: invalid_request
You can't sign in to this app because it doesn't comply with Google's OAuth 2.0 policy for keeping apps secure.
You can let the app developer know that this app doesn't comply with one or more Google validation rules.
Request Details
The content in this section has been provided by the app developer. This content has not been reviewed or verified by Google.
If you’re the app developer, make sure that these request details comply with Google policies.
redirect_uri: urn:ietf:wg:oauth:2.0:oob
I am using a web application OAuth 2.0 Client ID creds on GCP. All secrets are stored in a local client_secrets.json file.
I run my script, it sends a message to the console that says
Go to the following link in your browser:
https://accounts.google.com/o/oauth2/auth?client_id=blahblahblah.apps.googleusercontent.com&redirect_uri=urn%3Aietf%3Awg%3Aoauth%3A2.0%3Aoob&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fdrive&access_type=offline&response_type=code
Enter verification code:
How it used to work: After I click the link above, it returns a code I paste into the console and then its authenticated. FYI: I plan on running this 24/7 on a remote server.
Now: I click the link above and get the error I posted above. I've tried to change the redirect uri to 127.0.0.1 and it does allow me to auth, then I get a code in my URL, but once I copy that and paste it into the console, I get more errors.
Anyone know the solution for this?
I am trying to enroll a user on my Moodle site via using the Moodle API.
My Moodle instance is hosted on AWS and all relevant ports are open and listening. So, from the network perspective, I can commit that is all ok.
The steps I have already done based on Moodle Documentation:
I have enabled web services on Administration > Mobile app >Mobile settings
I have gone through the 10 steps on the overview of allowing an external system to control Moodle as explained in the documentation (shown also in this Youtube video)
For testing purposes, I am using Postman. Some requests are going through (e.g. getting the token for a certain user, getting the list of all courses, etc.)
Example:
But when I try to i.e. create a user or enroll a user in an existing course I am getting this error:
{
"exception": "webservice_access_exception",
"errorcode": "accessexception",
"message": "Access control exception"
}
The way I am trying to i.e. create the user is as follows:
In the body section I am sending the following data:
users[0][username]
users[0][email]
users[0][lastname]
users[0][firstname]
users[0][password]
Based on my research, most of the contributors suggested enabling web services, but as mentioned above I have enabled them but the problem persists.
Can someone help me solve the issue here or maybe suggest a way of debugging it?
Fortunately, I managed to solve the issue for both user creation and user enrollment.
Here is a great guide that helped me. In addition, you need to add some additional functions to the web service (roles wary based on what you want to do in Moodle) and also you need to alter the permissions of the new user (again depending on what you want to do)...
I develop an AC/SpringBoot Jira plugin which needs to store properties in the host application. Atlassian provides Hosted Data Storage which I like to use.
I ran a test via Firefox RESTClient to play around with this feature.
When issuing a GET request to this URL:
https://kuespert-dev.atlassian.net/rest/atlassian-connect/1/addons/<MY-PLUGIN-KEY>
while being logged in to my Jira/Cloud instance on another tab everything is fine: I get back information about my plugin, including the key.
However, when issuing a PUT request to set a variable (like described in the documentation mentioned above) using this URL:
https://kuespert-dev.atlassian.net/rest/atlassian-connect/1/addons/<MY-PLUGIN-KEY>/properties/testProperty
and this request body:
{"string":"string-value","number":5}
as well as the required header:
Content-Type: application/json
I get back this response:
{
"status-code": 404,
"message": "Add-on with key does not exist."
}
This is a bit irritating, since the first REST call did find my plugin while the second to the sub-resource did not.
A similar question was already asked on the 'Atlassian Community' site, but no solution was found until today.
Maybe it's just a wrong error message or something similar. Does anybody here have experience with the 'Hosted Data Storage' feature and can help?
Thanks,
Matthias
I can't get the sample External Authentication Services with Web API(C#) to work with Google. I created a project by following the instructions. However, I noticed that my project created a slightly different code in Startup.ConfigureAuth() method.
app.UseGoogleAuthentication(new GoogleOAuth2AuthenticationOptions()
{
ClientId = "<valid client id here>",
ClientSecret = "<valid secret here>",
});
The code in the sample does not have the initialization part but without it the code will not even compile.
When I run the app I get the option on the Log In screen to use Google as a service to log in. I'm then taken to Google's site and asked to allow my app to use my info. The app's name appears to be correct so I have to assume that ClientId/ClientSecret provided above are correct. However, when I click "Allow" button I'm taken back to the Log In page instead of the Register page as illustrated in the example.Has anyone managed to make the sample work with Google authentication? If yes, could you please share workarounds, if any.Thanks.
I finally found the source of the problem with a help of a post on this site. Unfortunately I lost the link to the post. Anyway, the solution is to make sure that Google+ APIs are enabled in Google Console for the project - they are not enabled by default. The details can be found here (as suggested by the post).
Has anybody managed to successfully combine Google authentication with Burt Beckwith's awesome Grails-based Spring Security plugin recently? I wanted to go down that path with Grails 2.4.3, and after some fooling around (and recompiling the donbeave version of the plugin at https://github.com/donbeave/grails-spring-security-oauth-google) I was able to find a combination of references that would compile and run together. I ended up adding the following lines to my BuildConfig.groovy:
compile ':spring-security-core:2.0-RC4'
compile ":spring-security-oauth:2.1.0-RC4"
compile ':spring-security-oauth-google:0.3.1'
I found, however, that the changes created by the initialization command “grails s2-init-oauth” don’t give me all the modifications that I need in order to move forward. I ended up adding a block to my config.groovy that looked like this:
oauth {
providers {
google {
api = org.grails.plugin.springsecurity.oauth.GoogleApi20
key = 'MY KEY'
secret = 'MY SECRET'
successUri = '/oauth/google/success'
failureUri = '/oauth/google/error'
callback = "${baseURL}/oauth/google/callback"
scope = 'https://www.googleapis.com/auth/userinfo.profile https://www.googleapis.com/auth/userinfo.email'
}
}
}
These config definitions specify a callback in my code (referred to above as ./oauth/google/callback) which didn’t exist. After I brought in a controller from the recommended example (https://github.com/bagage/grails-google-authentification-example), substituted "/springSecurityOAuth/onSuccess" for "/oauth/google/callback", (and registered by redirect URL through the Google Developers Console) I found that my onSuccess method was indeed being called, but the data structures referenced in the controller were wrong, and it seemed as if I would need to largely rewrite the controller logic in order to get everything working. I have to assume that other people want to accomplish Google-based authentication in the same way that I do. Is there an complete operational example somewhere? Or can someone tell me where I’ve gone wrong in my attempt to utilize the standard plug-ins? Thanks for any assistance.
You need to use spring security oauth plugin also. Please refer here https://github.com/cazacugmihai/grails-spring-security-oauth,
When you click on button, it hits the authenticate action inside Oauth controller which gets
authentication()
url of the google. After successful authentication, it hits callback() action Of Oauth controller which then redirects to onSuccess() action of SpringSecurityOauthController which then saves the info to OAuthId domain and finally redirects to the successUri given in config.