my mvc application is getting logout after some time [30m] of inactivity and when I click on any link of site.
when i checked Request.IsAuthenticated is comming as false.
i am using pingidentity as saml2.
Related
I have a problem with my ReactJs. I created an app that when a user inputs a username and password, it takes him to his account that has a sidebar menu with different pages and routes. The routes work properly on the local server and when I reload each page, it reloads successfully. Yet, when I deployed my website on a testing server, it falls whenever I refresh the page and returns this error :
What could be the reason for this problem considering that it works locally with ease and the route is reloaded successfully. Does anyone know how to fix this problem?
I am using angularjs with spring mvc in my application. It is a single page application where there is a login button and multiple tabs. Tabs are not visible unless the user logs in. After user logs in, the tabs will be visible (login button will not be visible) and user can navigate and use features under any tab. The URL of all these actions will be same (Ex: www.xyz.com/context/).
I have problem with session management here. If the session expires when the user is in any of these tabs, say tab no. 3, the page should be reset to initial state where login button is visible and tabs are not.
I have configured spring session management like below
<security:session-management invalid-session-url="/invalidSession">
<security:concurrency-control expired-url="/" />
</security:session-management>
On session expiry, I have spring mvc controller configured to handle it. Like the one below.
#RequestMapping(value="/invalidSession", method = RequestMethod.GET)
public ModelAndView invalidSession () {
ModelAndView model = new ModelAndView("redirect:/");
model.setStatus(HttpStatus.);
return model;
}
Though this method is called on session expiry, the redirect doesn't reset my page to its initial state where only login button is visible. Rather, it stays in the same state in tab no. 3 and all other tabs still visible. If I hit the browser refresh button, it works fine.
I have also tried using model.setStatus(HttpStatus.RESET_CONTENT); in the above controller method, it still doesn't work.
I went through the question in Spring security and angular javascript redirect to login page, but it is bit complicated for my requirement and my requirement is quite simple. I guess we should be able to handle it through session management of spring with appropriate redirect where it resets my page.
How can I achieve this?
Ok. I have taken an angular approach. I have used component ng-idle as outlined in Angular session timeout and management.
Also, I have removed spring session-management tag as ng-idle solves my requirement.
I want to use OAuth in my AngularJS application, and to do so I need to take the user to the Twitter OAuth page so that they can grant access. I could do this inside my application, but I'd prefer not to redirect the user out of the context of the Angular app (i.e. don't reload the page) and so what I want to do is open the authorization page in a pop-up or modal window. The user completes the workflow in that window and when they close the modal, the access token is stored in my app, or in a cookie.
I am really struggling to figure out how to open this pop-up and populate it with the Twitter grant authorization page.
> Here is an example: http://plnkr.co/edit/NeMAj32daePMopWaffkw?p=info
If you could get an external website to open in that modal then I think I might be part-way there?
I don't believe that's possible. Even if you could embed the Twitter auth page inside a modal's iframe, the OAuth flow would ways force it to redirect. Knowing that a redirect is applied to the entire page (e.g. browser window/tab) and not only to the iframe, it would end up redirecting your entire page.
And there's also the phishing risk
Your only option is to open a new browser tab/window(popup).
More information about Twitter's OAuth flows here and here.
I have problem when using angular firebase javascript simple login with cordova.
Below is testing under cordova emulate android
user click on google login button
redirect to google login page
after submitted login form. the page stuck with loading.... please wait
and this error messsage in console not allowed to load local resouces
I got no problem when using desktop browser or mobile browser. It is just mobile app.
Anyone know what error is that?
Tools i use
angularjs
angularfire
firebase
iconic framework
There are some specific configuration issues (and a couple of bugs that needed to be worked out) but this should work well now. Firebase has a blog post explaining how to get this working "Using Firebase Simple Login with Ionic and PhoneGap".
I have one silverlight 4 application which contains one iframe to show aspx pages. The silverlight app and the application in iframe, both are hosted in the same web server.
First, there are two login.aspx pages. One is in silverlight app, other is in another site which is embedded in iframe. My silverlight app will be loaded first and login successfully for silverlight app.
Then, in my silverlight app, there is one link button to load the aspx page into iframe.
When I access the aspx page in the iframe at the first tim, it will go to its login.aspx and login successfully. After that, I go back to the silverlight app, i immediately get the http 302 error. But the duration between i access aspx page and the silvelight app, not bigger than the time of session timeout.
So could anyone be able to figure out what can make the error?
P.S. It only occures after aspx page logins successfully. If I do not touch the aspx pages in iframe, just acces the silverlight pages, it will have no error.
Today found the root cause and resolved it. It is due to the two applications are placed into same machine. Then, the second login will overwrote the authentication cookie of the first login. (It meant to call the sencond's FormsAuthentication.SetAuthCookie() will overwrite the first ones.) So the solution is very easy. Just to make their authentication cookie name different:
`
<authentication mode="Forms">
<forms name=".SecondAuthCookie" loginUrl="login.aspx"
defaultUrl="default.aspx" />
</authentication>
`