I have 3 DNN webservers behind a Citrix Load Balancer, the load balancer is configured for SSL Offloading.
I discovered that the login link doesn't work anymore. It just refreshes whenever it is clicked. The URL of the login is: Login. The link when clicked supposed to take users to the page where they will login.
When I changed d citrix load balancer to HTTP, everything thing works normal. I.e Login. Opened the Login Page.
Any suggestion on how to resolve this issue will be appreciated.
Related
I am using Blazor WebServer with Identity Server template, downloaded from ABP.IO
When run locally, it all works fine. Login is success and able to see the post login page.
Once deployed to Azure App Service, Identity page shows correctly and even able to login. On the Blazor page, click on login, enter credentials, redirects back to the logged out page, but seems session is created, and login button shown. there is no error logged in the log files and console also has no errors.
Redis is running as Azure Redis Cache and there are no reported errors. I have deployed to below URL on Azure using the default template. Nothing confidential so I can share. The credentials are also the default credentials for abp.io.
Blazor: https://shoutout-core-dev.azurewebsites.net/
Identity: https://shoutout-identity-dev.azurewebsites.net/
It seems that there is no error already. Because when I make a request via swagger, I can access the necessary user information. As you stated, actually the session was created.
But there is a problem with the UI. To test the problem, after publishing the application in your local, can you run ASPNETCORE_ENVIRONMENT with the Production environment variable?
In addition, we need your ABP version information and your steps while publishing in local so that we can repeat the error.
this problem probably occurs on chrome. If you try to use firefox, you will pass the problem.Also, you can check this link for the fix on the chrome :
https://community.abp.io/posts/patch-for-chrome-login-issue-identityserver4-samesite-cookie-problem-weypwp3n
My company is using this service Aha! Ideas for internal idea-sharing. Everything is set up correctly with Aha! and the page site loads and requests the email for the user. Once they put it in the Microsoft credentials from the host machine so an SSO and they are redirected to the secure page. On machines where the user has not authenticated against our domain on the workstation, they are redirected to the Microsoft login and after they login, the user is redirected to the site.
So Great!! that is all working perfectly.
Now, I go into App Studio in Microsoft Teams and set up the site to load as an App in the Sidebar. I have added the main URL as a tab, I have set up the Valid Domains and included login.microsoftonline.com and I have set ADD App ID to the one used in the SAML2 setup of Aha!.
When I load the app I get the page requesting my email, this is from Aha!, and when I submit it should use SSO from Teams to log me in. I am logged in to Teams using my company Microsoft Account. At a minimum, it should redirect to the login.microsoftonline.com and request my username and password. Instead, I get nothing but a blank page.
Anyone have any ideas as to why it's not working, or what I might have done wrong?
'SSO' in the truest sense with Teams -definitely- won't work - it requires changes to the app itself, which you don't control, but even aside from that, depending on how the app ends up doing it's authentication, this still might not work, as you're seeing. Is there maybe a chance Aha! is working on Teams integration?
I have a Dynamics CRM 2015 on premise instance, IFD configured with claims authentication, as recommended from Microsoft, and working OK.
There is also a separate angular application, wrapped in, in ASP.NET MVC web application. The angular part i assume is not related much, but nevertheless, let it be here for complete picture.
I also have it configured to work with ADFS claims authentication, with the point being, the user to be logged in, and using the application, in the same user context in both CRM and web app. So when a user is using the application, he is using it with the user he logged in, in CRM with.
So, when i try to access the app URL, i get redirected to the adfs login, from which after logging in, i get redirected to my app index page. This is working fine as well.
In CRM i have a ribbon button which transfers selected records, to the web app, directly to the web app url, so as https://webapp.domain.com:port. Selected records is mentioned here only as info, and it is not related to the problem.
Now, my problem is, when i access CRM, i login to ADFS, and then try to click the button to open web app URL, i get the ADFS login screen again. If i try to login with the same user, i am stuck in a loop without any requests being sent, and the fields are constantly clearing, without the possibility of logging in.
So the users cannot access it anymore. It is not browser related.
Correction:
Requests are getting sent, and the login request appears in the audit log in event viewer, as successful, but the redirection doesn't seem to happen. Also, it seems to be browser related, not sure how I've missed it before:
IE: I get a windows login instead of ADFS login, and after inputting password, i get redirected, and then logged in OK. This login should not show though.
Chrome: Constant loop, and a console issue logged: The specified value "DOMAIN\USERNAME" is not a valid email address.
Firefox: Fields, are constantly cleared in a loop.
End Correction
If i clear the cache, or firstly login to the web app directly, then there is no problem, and opening the URL from CRM after that works normally.
This issue is turning out to be quite of a drag, as i do not know how to address it. Has anyone had similar issue, with external apps logging in with claims, to let me know what i am missing?
Claims rules for the web app are below:
I have created a website and hosted it on apache.
I add users to my website and what i want is that each user gets his/her subdomain as userA.mysite.com, userB.mysite.com and so on. I know that blogspot.com works like this but i am not able to get proper configuration.
I had used wilcard domain configuration but upon the second page again redirects to the main domain. e.g. i logged in using userA.mysite.com but after login i am redirected to my profile on mysite.com
Can someone guide on what configurations i make to get this work?
Any help appreciated.
To GAE+html5 gurus out there :)
When user logs on to a GAE hosted application, his credentials are stored locally in a cookie (correct?).
After this cookie expires (e.g. if users hits logout on another browser tab), no login_required protected methods will work.
Regular webapp will require re-authentication next time the user navigates to a login_protected url by automatically redirecting to a login screen.
What would be the right way for a cached webapp to be handling this?
My test is a simple login_protected page accessed by Chrome and iOS browser. It's cached and accessible offline as expected. Then, (while online) and after the authentication expires, the server log shows a 302 response which is followed by 200 response of the authentication dialog page, but of course no authentication happens.
Thanks!
If you are using google authentication to provide access to your page . Which means even if you are logged in one of the other google services. Your cookie still exists in the browser. login_required will assume that you are logged on based on the cookie. What you are seeing is a redirection to google's page that's 302. If you want you can manage sessions on your own and check for authentication based on your data in data Store.There are lot of solutions availble for both Python and Java .