I am trying to upload an image to a finagle (netty) server. For the OPTIONS request I return the following:
curl -X OPTIONS http://localhost:8686/images -i
HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST
Browser (FireBug): http://s15.postimg.org/vtdzyfshn/Screen_Shot_2014_09_02_at_9_49_05_PM.png
The following POST request fails with
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote
resource at http://localhost:8686/images. This can be fixed by moving the resource
to the same domain or enabling CORS.
FireBug 1 (Console): http://s30.postimg.org/9utq4ridt/Screen_Shot_2014_09_02_at_9_53_41_PM.png
FireBug 2 (Net Tab): http://s16.postimg.org/jyblxfcv9/Screen_Shot_2014_09_02_at_9_54_37_PM.png
FireBug 3 (Net Tab - POST): http://s14.postimg.org/e8czua2wh/Screen_Shot_2014_09_02_at_9_54_47_PM.png
Any idea what I am missing?
(I am using this upload script: http://www.extremecss.com/creating-asynchronous-file-upload-system-using-html5-file-api/
You have to return the CORS headers (Access-Control-Allow-Origin: *) within the response header to your POST as well, instead of just within the OPTIONS response.
I'm trying to get devise to return a 401 and error message when trying to request an endpoint without proper authentication.
Currently this is what is happening:
Started GET "/api/v1/home/index.json" for 127.0.0.1 at 2013-02-27 02:40:22 +0000
Processing by HomeController#index as JSON
Completed 401 Unauthorized in 0ms
Started GET "/api/v1/sign_in.json" for 127.0.0.1 at 2013-02-27 02:40:22 +0000
Processing by SessionsController#new as JSON
Completed 406 Not Acceptable in 1ms (ActiveRecord: 0.0ms)
How can I stop devise from bouncing me to sign_in and instead get it to just return a 401/json response.
I'm thinking this may have to do with a CustomFailureApp, which I have tried, but I'm not sure the CustomFailureApp is being called in this particular scenario.
You could make a custom failure app.
class JsonFailureApp < Devise::FailureApp
def respond
self.status = 401
self.content_type = 'json'
self.response_body = '{"error" : "Authentication error"}'
end
end
Add this to your devise initializer
config.warden do |manager|
manager.failure_app = JsonFailureApp
end
I'm currently trying to implement Devise with LDAP Authentication on RAILS3. I've got it setup and it appears to connect and try to auth, but appears to fail. I don't seem to get any sort of real error messages to work with so its very difficult to take it any further.
Log of login session:
Started POST "/users/sign_in" for 192.168.160.1 at Tue Dec 06 05:20:16 +0000 2011
Processing by Devise::SessionsController#create as HTML
Parameters: {"commit"=>"Sign in", "authenticity_token"=>"G2tEq9gPpJiN0RhanTd8HMWno62F+1oLWbU4xdX78bg=", "utf8"=>"\342\234\223", "user"=>{"remember_me"=>"0", "password"=>"[FILTERED]", "login"=>"richmond#email.com"}}
User Load (0.1ms) SELECT `users`.* FROM `users` WHERE `users`.`login` = 'richmond#email.com' LIMIT 1
LDAP: LDAP dn lookup: mail=richmond#email.com
LDAP: LDAP search for login: mail=richmond#email.com
LDAP: Authorizing user mail=richmond#email.com,ou=groupxx,o=company.com
LDAP: LDAP dn lookup: mail=richmond#email.com
LDAP: LDAP search for login: mail=richmond#email.com
Completed 401 Unauthorized in 7147ms
Processing by Devise::SessionsController#new as HTML
Parameters: {"commit"=>"Sign in", "authenticity_token"=>"G2tEq9gPpJiN0RhanTd8HMWno62F+1oLWbU4xdX78bg=", "utf8"=>"\342\234\223", "user"=>{"remember_me"=>"0", "password"=>"[FILTERED]", "login"=>"richmond#email.com"}}
Rendered devise/shared/_links.erb (0.1ms)
Rendered devise/sessions/new.html.erb within layouts/application (5.0ms)
Completed 200 OK in 23ms (Views: 21.4ms | ActiveRecord: 0.0ms)
Started GET "/assets/defaults.js" for 192.168.160.1 at Tue Dec 06 05:20:23 +0000 2011
Served asset /defaults.js - 404 Not Found (3ms)
ActionController::RoutingError (No route matches [GET] "/assets/defaults.js"):
Rendered /usr/local/lib/ruby/gems/1.8/gems/actionpack-3.1.0/lib/action_dispatch/middleware/templates/rescues/routing_error.erb within rescues/layout (0.5ms)
ldap config:
development:
host: ldap.company.com
port: 636
attribute: mail
base: ou=groupxx,o=company.com
#admin_user: cn=admin,dc=test,dc=com
#admin_password: admin_password
ssl: true
# <<: *AUTHORIZATIONS
I don't have access to the LDAP server so I cannot confirm anything from that end. The main issue I have is that I cannot get any error messages out of the login process - Is it not able to find the user? Does it find the user but fail login? Why does it do 2 LDAP searches?
same issue here. Did a ldapsearch, which works however. Company is running an ActiveDirectory server here:
ldapsearch -Z -h ldap.company.com -p 389 -s sub -D
"cn=somebody,ou=my_ou,dc=ldap,dc=company,dc=com" -W -b
"dc=ldap,dc=company,dc=com" "(&(cn=somebody))" mail
Solution:
I have found the solution: In config/initializers/devise.rb I missed to activate config.ldap_use_admin_to_bind = true. Only with this flag, devise_ldap_authenticatable really uses the BindDN (i.e. admin_user, admin_password which both have to be uncommented) defined at config/ldap.yml.
I found out the problem I had was that the LDAP server my company (IBM) uses was using a different protocol standard to the ones officially supported by NET-LDAP.
You simply need to change the PagedResults Control Type to a slightly different standard:
#PagedResults = "1.2.840.113556.1.4.319" # Microsoft evil from RFC 2696
PagedResults = "2.16.840.1.113730.3.4.2" # IBM Bluepages compatible ControlType
Full code change details here.
I forked it and fixed it over here on GitHub.
I did encounter the same problem on my ActiveDirectory. I tried using the bind user but it didn´t help either. I changed devise according to screencast 210 to use the username field. Here´s my ldap.yml
development:
host: dcburda0
port: 636
attribute: cn
base: OU=Organisation,DC=mydomain,DC=com
admin_user: CN=username,OU=Support Center Muenchen,OU=name GmbH,OU=Organisation,DC=mydomain,DC=com
admin_password: password
ssl: true
I was away for a week from coding and when I return chrome will not display my rails app with localhost:3000.
The app has SSL on via config.force_ssl = true.
I thought its an app problem, but on firefox it works well.
From the rails server console window, it seems chrome doesn't send the requests right:
[2011-10-07 09:21:46] ERROR bad Request-Line `\x16\x03\x00\x00U\x01\x00\x00Q\x03\x00Nמ¿י!┐°J=סאו$íK┬╦φ°S^ºí`ó\x00\x17█\x1E⌐פ╙\x00\x00*\x00 \x00ט\x00ח\x009\x008\x00ה\x005\x00E\x00D\x00f\x003\x002\x00צ\x00A\x00\x04\x00\x05\x00/\x00\x16\x00\x13■ \x00'.
while on firefox it is
Started GET "/" for 127.0.0.1 at 2011-10-07 09:22:39 +0200
Processing by PagesController#home as HTML
←[1m←[36mUser Load (0.0ms)←[0m ←[1mSELECT "users".* FROM "users" WHERE "users"."id" IS NULL LIMIT 1←[0m
Rendered pages/home.html.erb within layouts/application (372.0ms)
←[1m←[35mCACHE (0.0ms)←[0m SELECT "users".* FROM "users" WHERE "users"."id" IS NULL LIMIT 1
←[1m←[36mCACHE (0.0ms)←[0m ←[1mSELECT "users".* FROM "users" WHERE "users"."id" IS NULL LIMIT 1←[0m
Rendered layouts/_header.html.erb (2.0ms)
Rendered layouts/_footer.html.erb (0.0ms)
Completed 200 OK in 613ms (Views: 610.0ms | ActiveRecord: 3.0ms)
Anyone know how to fix chrome to work?
Thanks
Try to clear your cache first.
I am using contacts gem in my rails 3 application. In case of yahoo contacts it is acting weirdly . It is working fine on local machine but on staging server it is giving authentication error . Below is the log for local and staging server for test account :
on local server :
Started POST "/invitations/new_invitations" for 127.0.0.1 at 2011-08-04 15:31:46 +0530
Processing by InvitationsController#new_invitations as JS
Parameters: {"utf8"=>"✓", "authenticity_token"=>"TanjgyK36VgohyE/woBmBGYq2DGbPLmts3j+IIG/c1Q=", "provider"=>"yahoo", "email"=>"testvin27#yahoo.in", "pass"=>"123456", "commit"=>"Import your address book"}
User Load (0.4ms) SELECT users.* FROM users WHERE (users.id = 316) LIMIT 1
Rendered invitations/new_invitations.js.erb (1.2ms)
Completed 200 OK in 9594ms (Views: 30.0ms | ActiveRecord: 0.4ms)
on staging server :
Started POST "/invitations/new_invitations" for 14.99.166.38 at 2011-08-04 10:07:34 +0000
Processing by InvitationsController#new_invitations as JS
Parameters: {"utf8"=>"✓", "authenticity_token"=>"ibMbauQlR1yN2bOBZotirAtZa28dMpzL/m9jc5XBP8M=", "provider"=>"yahoo", "email"=>"testvin27#yahoo.in", "pass"=>"123456", "commit"=>"Import your address book"}
User Load (0.2ms) SELECT users.* FROM users WHERE (users.id = 130) LIMIT 1
Contacts::AuthenticationError: Username and password do not match>
Rendered invitations/new_invitations.js.erb (0.4ms)
Any about this kind of behaviour ??