im using FOSUserBundle for Symfony2. How can i change the page redirection after a authentication failed and after a logout?
Thanks!
you can customize your form login in security.yml :
Example:
firewalls:
main:
form_login:
failure_path: /login_failure_redirect
logout:
target: /logout_redirect
Related
I'm using MSAL JS in order to authenticate users in react application developed using REACT. Sometimes login works perfectly, redirecting users to the home page of the app. Other times login popup opens, users insert their login but then login procedure fails with this error:
hash_empty_error: Hash value cannot be processed because it is empty.
Please verify that your redirectUri is not clearing the hash.
I know this issue was raised before but never seen proper solution how to overcome this error
What worked for me was to set the redirectUri to a blank page or a page that does not implement MSAL. If your application is only using popup and silent APIs you can set this on the PublicClientApplication config like below:
export const msalConfig = {
auth: {
clientId: process.env.REACT_APP_CLIENTID,
authority: `https://login.microsoftonline.com/${process.env.REACT_APP_TENANTID}`,
redirectUri: 'http://localhost:3000/blank.html'
},
cache: {
cacheLocation: "localStorage"
}
}
If your application also needs to support redirect APIs you can set the redirectUri on a per request basis:
msalInstance.loginPopup({
redirectUri: "http://localhost:3000/blank.html"
})
I'm currently working on symfony 4 project with React js to handle admin panel .
I used Webpack Encore to connect React JS .
the path of The React JS app is :
my_project_symfony/
And i have an api in :
my_project_symfony/api
The React JS is supposed to present the admin interface so it must be protected by admin role .
My security config is :
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login:
pattern: ^/api/login
stateless: true
anonymous: true
json_login:
check_path: /api/login_check
success_handler: lexik_jwt_authentication.handler.authentication_success
failure_handler: lexik_jwt_authentication.handler.authentication_failure
api:
pattern: ^/api
stateless: true
anonymous: true
guard:
authenticators:
- lexik_jwt_authentication.jwt_token_authenticator
main:
anonymous: true
refresh:
pattern: ^/token/refresh
stateless: true
anonymous: true
With this configuration how can i protect my React JS admin interface with admin role and at the same time allow role user to use my api ?
I want to :
my_project_symfony/ReactJsAPP // Protected by admin role
my_project_symfony/api// Protected by user role
I am using Keycloak authentication to authenticate an angular app and so far I have managed to redirect my login to keycloak server. But when redirected instead of the login page I am getting a 500 error page with the message Invalid parameter: redirect_uri.
I followed this stackoverflow answer and made sure that my client settings are correct. But no matter what I changed it to I get the same log message on keycloak console.
Keycloak log
09:39:21,369 WARN [org.keycloak.events] (default task-62) type=LOGIN_ERROR, realmId=camunda-demo-auth, clientId=camunda-demo-client, userId=null, ipAddress=127.0.0.1, error=invalid_redirect_uri, redirect_uri=http://localhost:9002/
My Client Settings
Update [Changed settings according to RobbyCornelissen's suggestions]
Angular Login Redirection
angular.element(document).ready(function () {
window._keycloak = Keycloak('../src/app/resources/keycloak.json');
window._keycloak.init({onLoad: 'login-required'})
.success(function () {
angular.bootstrap(document, ['adfWidgetSample']); // manually bootstrap Angular
});
});
I developed a Google OAuth2 Login in Spring Boot and its working fine. I want to redirect to some specific URL after a button has been clicked. I am using an application.yml with Google Oauth2.
I want to redirect to a specific URL after my authentification.
Here is the code I use for Google OAuth2:
Application.yml
security:
oauth2:
client:
clientId: <Google Client Id>
clientSecret: <Google Secret Id>
accessTokenUri: https://accounts.google.com/o/oauth2/token
userAuthorizationUri: https://accounts.google.com/o/oauth2/v2/auth
clientAuthenticationScheme: form
scope:
- openid
- email
- profile
resource:
userInfoUri: https://www.googleapis.com/oauth2/v3/userinfo
preferTokenInfo: true
In the authorize request towards Google, you should add the redirect_uri parameter
security:
oauth2:
client:
clientId: <Google Client Id>
clientSecret: <Google Secret Id>
redirectUri: https://YOUR_REDIRECT_URL // *** here ***
accessTokenUri: https://accounts.google.com/o/oauth2/token
userAuthorizationUri: https://accounts.google.com/o/oauth2/v2/auth
clientAuthenticationScheme: form
scope:
- openid
- email
- profile
resource:
userInfoUri: https://www.googleapis.com/oauth2/v3/userinfo
preferTokenInfo: true
I am working on a mean.js application, and using the following code for session timeout:
app.use(session({
saveUninitialized: true,
resave: true,
secret: config.sessionSecret,
store: new mongoStore({
db: db.connection.db,
collection: config.sessionCollection
}),
cookie: { maxAge : 1800000 },
rolling: true
}));
It is working perfect. The issue is that when the session expires the page remains in the same state and if the user clicks on any of the links it redirects to the login page.
I need to implement that instead of user click if the session is expired the page should auto redirect to the login page.
Thanks in advance.
mean.js use angular on the client, so your question is the same like
How to redirect to login page after cookie expires in Angular JS?
Finally i got exactly what was required here:
http://hackedbychinese.github.io/ng-idle/