i'm having troubles with the bhLDAPAuthPlugin for symfony when the user session expires. It redirects to the signin form as expected but once the user is authenticated, instead of redirect him to the requested page (the one witch first requested the user), it redirects him to the requested page adding exra information to the URL.
Let me show it to you with an example:
The user is in this URL and the session expires
myapp/editSomething/id/231
And then is redirected by the bhLDAPAuthPlugin to the signin form. Once the user had entered the username & password is redirected here
myapp/editSomething/images/loadingAnimation.gif
I dont know what loadingAnimation.gif is (is not in my /images/ directory nor in anywhere else of my app), nor where is this additional information added :S
Could you please help me to find the place where i must change this behaviour?
Thank you! :D
Every thing is done in the action. The redirect url is build here:
// always redirect to a URL set in app.yml
// or to the referer
// or to the homepage
$signinUrl = sfConfig::get('app_sf_guard_plugin_success_signin_url', $user->getReferer('#homepage'));
Did you define something in your app.yml for app_sf_guard_plugin_success_signin_url ?
all:
sf_guard_plugin:
success_signin_url: #my_route?param=value # the plugin uses the referer as default
So it seems that your referer is bad. Try to define an url in the app.yml to see if the behavior is different.
Related
I'm face up with a problem when login.
If user is authenticated, I will let them redirect to home page.
And if they come from another protected route (homepage, other routes) and after logined, I want it redirect to exactly the route they came from.
My solution is:
In auth.js middleware, I will save to cookie the route they come from like this
app.$cookie.set("historyRoute", app.router.history.current.path)
In login.vue I will check if exist historyRoute to let them redirect then remove historyRoute from cookie.
But problem is that user will come from other protected routes and they do not take login action at that time, they make refreshing Login page many times and historyRoute will still exist in cookie.
So I want to know how to determine when visitors directly reload Login page to remove historyRoute in cookie.
Or if you have another solution, please suggest me know. Thanks.
Update flow:
Visitor access link /users/setting
-> check Auth
-> if Not Auth
-> redirect 302 to /Login
-> After login (I need to know they directly come from login page or from /user/setting then redirect to login page)
-> redirect back to users/setting
How to suppress the Redirect URI that appears in the user consent journey screen
User consent journey with Redirect URI
This doesn't look to possible. The OAuth authorization page layout is fixed and unless there's an option in the developer portal that allows you to change the way the redirect URL is displayed, there's nothing you can do about it.
Displaying the redirect URL on the OAuth authorization page is pretty standard and the most you could hope for is to be able to specify a label to be shown instead of the raw URL.
How can you redirect the page if the user does not logged in in velocity machine? for example when you visit a another page it will redirect to login page to view the that another page, do I need a conditonal on that?
I believe that you are using SpringFramework in your project.
You could simply add an interceptor to check whether the user has logged in or not and redirect him. You could also add a filter in web.xml file to do the same.
Currently, I'm trying to integrate the OneDrive SDK onto a website. However, I'm having issue with redirecting with authentication.
Normal route:
User goes to the website. It clicks on a button to single sign onto there OneDrive
User gets redirected to OneDrive Authorization page.
Once authentication, user gets redirected to where they left off. This redirect is specified in the OneDrive's SDK account. However, it seems that they don't allow query params in the redirect URL.
Is there a way around this?
The only thing I could figure out is using a URL that is an alias for the URL with the query params, but that just seems like a hack solution. It's hard to believe that there isn't a way for a user to redirect with query params to indicate at what stage they left off on the site.
Example of invalid redirect url as http://skydpk.com/index.php?a=ap&addon=file_sharing&page=skydrive
Any advice appreciated,
Thanks,
D
You can try registering your base URL as the redirect URL and just before initiating authorization action append the parameters to the redirect URL.
Redirect URL at one drive app dashboard : http://skydpk.com/index.php
Authorization URL
https://login.live.com/oauth20_authorize.srf?client_id=<your client id>&scope=<scope>&response_type=code&redirect_uri=http://skydpk.com/index.php?a=ap&addon=file_sharing&page=skydrive
I have been trying to do this for days now and cant seem to find any help on how to do is. I want the user after login to be redirected to a different page instead of the members landing page.
Try checking the code in User/AuthController after this comment Run post login hook. There are several ways to do a custom redirect here.
specify a return_url parameter in the link to login page. You can also 64-bit encode the redirect url so that it is compact.
Keep a session variable, namely Zend_Session_Namespace('Redirect')->uri
Write a post login hook onUserLoginAfter and pass a redirect parameter in its response.
If all else fails, hard-code the next line of code which redirects to home :P