Vanilla forum and CAKEPHP integration with ProxyConnect SingleSignOn (SSO) - cakephp

I have been trying in vain for many hours to get this working. I have scoured the forums and cannot for the life of me get this to work. Any illumination on the matter would be much appreciated.
I am running:
Vanilla version 2.0.17.8
ProxyConnect version 1.8.4
Cakephp Version 1.3.3
Croogo Version 1.3.2 (cakephp CMS)
I have installed the Vanilla forum in a subfolder app/webroot/vanilla
Install goes smoothly and I upload the proxyconnect plugin into the vanilla plugins folder.
I activate it, and then load the following URLs (I have taken out http:// because I am only allowed to post 2 links as I am a newbie here):
Main Site URL (the URL of your website where you will use ProxyConnect)
localhost:8888/cmrs
Authenticate URL (the behind-the-scenes URL that shares identity information with Vanilla)
localhost:8888/cmrs/users/authenticate
Registration URL (the URL where users can sign up for new accounts on your site)
localhost:8888/cmrs/register
Sign-In URL (the URL where users sign in on your site)
localhost:8888/cmrs/users/login?vanilla=1
Sign-Out URL (the URL where users sign out of your site)
localhost:8888/cmrs/users/logout?vanilla=1
I have created an action in my users_controller called authenticate()
public function authenticate() {
    $this->layout = 'ajax';
    $this->header('Content-Type: text/plain');
    if ($this->Auth->user()) {
        $data = $this->Auth->user();
        $this->set('data', $data);
    }
}
I have created a view authenticate.ctp which outputs the data correctly if you access it directly and you are logged in
<?php
if (isset($data)) {
    echo 'UniqueID='.$data['User']['id']."\n";
    echo 'Name='.$data['User']['username']."\n";
    echo 'Email='.$data['User']['email']."\n";
    echo 'TransientKey='."\n";
    echo 'DateOfBirth='."\n";
    echo 'Gender=';
}
?>
Outputs
UniqueID=1
Name=admin
Email=you@your-site.com
TransientKey=
DateOfBirth=
Gender=
In vanilla config.php I have set
$Configuration['Garden']['Cookie']['Domain'] = '.localhost';
In Cakephp bootstrap.php I have set
ini_set('session.cookie_domain', '.localhost');
So, after all that, when I click on sign in from Vanilla I get redirected to the Cake app login, and when I log in I am not logged in to the Vanilla forum.
When I log out from Vanilla I get redirected to the Cake app and am logged out from that but not from Vanilla.
Any suggestions would be greatly appreciated.

Get rid of
TransientKey=
DateOfBirth=
Gender=
from your output as this will fail the ini string format due to blank strings
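An added example (not part of the answer above, and not ProxyConnect's own code) of building the authenticate response so that blank fields are left out, as the answer advises, and so that a line break inside a stored value cannot add an extra Key=Value line. build_authenticate_body() is a hypothetical helper; the field names are the ones in the question's output, and the sample rows are constructed.

```php
<?php
// Added example: hypothetical helper, not the poster's or ProxyConnect's code.
function build_authenticate_body(array $user)
{
    // Field names as shown in the question's output.
    $fields = array(
        'UniqueID' => isset($user['id']) ? $user['id'] : '',
        'Name'     => isset($user['username']) ? $user['username'] : '',
        'Email'    => isset($user['email']) ? $user['email'] : '',
    );

    $lines = array();
    foreach ($fields as $key => $value) {
        // Collapse control characters (CR, LF, NUL, ...) to a space so a
        // stored value can never begin a second "Key=Value" line.
        $value = trim(preg_replace('/[\x00-\x1F\x7F]+/', ' ', (string) $value));
        if ($value === '') {
            continue; // leave blank entries out of the response entirely
        }
        $lines[] = $key . '=' . $value;
    }
    return implode("\n", $lines);
}

// Constructed sample rows (not real accounts).
$normal    = array('id' => 1, 'username' => 'admin', 'email' => 'you@your-site.com');
$multiline = array('id' => 7, 'username' => "bob\nUniqueID=1", 'email' => '');

echo build_authenticate_body($normal), "\n---\n";
echo build_authenticate_body($multiline), "\n";
```

In the CakePHP action from the question, the view would echo the returned string for `$data['User']` instead of printing each field by hand.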

Firstly, I have been stung once in the past when working with CakePHP's AuthComponent, with cookies not working the way I had expected on localhost. I didn't spend too much time investigating as the code worked in the production environment (on a real domain name).
I suggest you add an entry to your hosts file with a realistic looking domain name. Assuming your production URL will be http://www.example.com/ or http://forum.example.com/, you can map a fake development subdomain to that same domain name by updating your hosts file like so:
127.0.0.1 localhost dev.example.com
You would then access your development environment using http://dev.example.com:8888/ instead of http://localhost:8888/. After that, you would then need to update all the URLs in the Proxyconnect settings, and the cookie domains in the Vanilla/CakePHP configuration files to match this new domain.
// http://dev.example.com:8888/cmrs
// http://dev.example.com:8888/cmrs/users/authenticate
// http://dev.example.com:8888/cmrs/register
// http://dev.example.com:8888/cmrs/users/login?vanilla=1
// http://dev.example.com:8888/cmrs/users/logout?vanilla=1
$Configuration['Garden']['Cookie']['Domain'] = '.example.com';
ini_set('session.cookie_domain', '.example.com');
Secondly, you should be using a development tool to inspect any cookies being created, making sure they are actually being created with the correct domain and path settings (I guess CakePHP should be creating cookies that Proxyconnect can see). A popular combination for doing this easily is to use Firefox + Firebug + Firecookie, but many new browsers have these tools built in (eg. the Resources tab in Chrome's included Developer Tools).
If CakePHP (or Vanilla) is installed in a subdirectory, you may need to check cookies are not being created that are "sandboxed" within the subdirectory. I believe CakePHP will do this by default unless you ini_set('session.cookie_path', '/');.
Also, when CakePHP's Security.level setting has a value of high, it will regenerate a (random) session ID on each request. I would set this to medium, at least while testing.

Related

Wordpress site migration from Localhost to new host no CSS/JS

I have a Wordpress site that I developed with Local and has localhost url. I got a new hosting plan and domain name and I successfully pointed the domain to the new hosting.
I tried to do the migration and I used the Wordpress plugin "WP Migrate" and I performed the find and replace using the new domain url.
I forgot to do a backup of the database before doing the find and replace and now my site doesn't show any photos, styling and JS.
Is there any way I can restore the previous localhost url and do the process again?
You can check the wp_options table to see if the URL is properly replaced.
Or you can back up the DB and again replace the new URL with the localhost URL to get the DB back to its previous state.
The URL replace will affect serialised array strings only.
First of all, please save the permalinks on the live site.
Then check the site URL and home URL in your options table.
Then try a find and replace of the old URL.

How can I access the auth_mellon nameId property in my javascript application

I have implemented mod_auth_mellon in my apache httpd 2.4 webserver. I configured Mellon to authenticate when I try to access my oracle JET application.
So far all is good, when I go to http://example.com, I am redirected to my sso login page and after entering my credentials I am sent back to https://example.com.
My problem is that once I return to my application at https://example.com, I need to be able to access the Mellon-nameid attribute so I can retrieve user privileges from a database table based on email address.
According to all the docs I have read, mod_auth_mellon stores the mellonUser attribute in the apache environment, and/or the response headers.
Also according to what I have read, there is no way in my JET application to access the apache environment variables, and so far I haven't found a way to examine the response headers to get the mellonUser from there either.
Is there an alternate way to access the MellonUser attribute? Can it be stored in the Mellon cookie, or maybe put on the URL as a query parameter?
Also any methods for accessing the headers would be appreciated as well.
Just posting here, even though it's an old thread.
So when you use Apache Mellon, you can supply the nameID in a header value. If you are using Apache as a proxy (i.e. you successfully authenticated, now go through the proxy), the web server can access the nameID as an attribute. You can also pass whatever other SAML attributes you want (assuming you already know how to do this, I'll leave this part out).
Now the problem is, that header value is something the web app (backend) sees BEHIND the proxy. JavaScript is run client side, in the user's actual browser. So in this scenario it would not be able to see this value unless you tell the backend to send it forward.
As an example, if you setup Apache SAML and then have it proxy to a PHP app, and you have a page that simply dumps the headers:
<?php
foreach (getallheaders() as $name => $value) {
    echo "$name: $value\n";
}
?>
OR:
<?php
var_dump($_SERVER);
?>
Voilà, you can see the nameid and whatever other attributes! However, go to your web console, and poke around, or check out your headers... these will be different because you are getting headers from pre-proxy, while the webapp gets headers from the post-proxy.
So what can you do? In my PHP example, since PHP will parse first, you can grab the variable from the backend, and echo it into a script that will be run after this is all done.
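<script>
// json_encode with the JSON_HEX_* flags emits a safely quoted JS string literal,
// so characters in the header value cannot break out of the script block.
var username = <?php echo json_encode($YourHeaderNameID, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;
</script>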
However, there is some danger to this as well. Client-side JavaScript can be easily modified. So if your username is "johnsmith", and you wanted to change the website username to "joeschmoe", that would be trivial. You should probably have the backend provide whatever user information you require, and then use JavaScript to style, rearrange, do whatever with.

302 status when copying data to another app in AppEngine

I'm trying to use the "Copy to another app" feature of AppEngine and keep getting an error:
Fetch to http://datastore-admin.moo.appspot.com/_ah/remote_api failed with status 302
This is for a Java app but I followed the instructions on setting up a default Python runtime.
I'm 95% sure it's an authentication issue and the call to remote_api is redirecting to the Google login page. Both apps use Google Apps as the authentication mechanism. I've also tried copying to and from a third app we have which uses Google Accounts for authentication.
Notes:
The user account I log in with is an Owner on all three apps. It's a Google Apps account (if that wasn't obvious).
I have a gmail account this is an Owner on all three apps as well. When I log in to the admin console with it, I don't see the datastore admin console at all when I click it.
I'm able to use the remote_api just fine from the command-line after I enter my details
Tried with both the Python remote_api built-in and the Java one.
I've found similar questions/blog posts about this, one of which required logging in from a browser, then manually submitting the ACSID cookie you get after that's done. Can't do that here, obviously.
OK, I think I got this working.
I'll refer to the two appIDs as "source" and "dest".
To enable datastore admin (as you know) you need to upload a Python project with the app.yaml and appengine_config.py files as described in the docs.
Either I misread the docs or there is an error. The "appID" in the .yaml should be the app ID you are uploading to, to enable DS admin.
The other appID in the appengine_config file, specifically this line:
remoteapi_CUSTOM_ENVIRONMENT_AUTHENTICATION = (
    'HTTP_X_APPENGINE_INBOUND_APPID', ['appID'])
Should be the appID of the "source", i.e. the app ID of where the data is coming from in the DS copy operation.
I think this line is what allows the source appID to be authenticated as having permissions to write to the "dest" app ID.
So, I changed that .py, uploaded again to my "dest" app ID. To be sure I made this dummy python app as default and left it as that.
Then on the source app ID I tried the DS copy again, and all the copy jobs were kicked off OK - so it seems to have fixed it.

CakePHP - Get my application root address from model

I am looking to get http://www.mysite.com/app_directory in the model. Note my app is not in the site root. I need it to perform a cURL request and I don't want to hard code it because the app location will change. I also need the check to return http://www.mysite.com if the app moves to the site root.
About it being a bad idea to have the model know about its environment, I was wanting to check if a URL is an external web page or a URL within the current website.
that would do:
env('HTTP_HOST')
it's cake way of looking at:
$_SERVER['HTTP_HOST']

Problem in maintaining session between two different domains on a website done in CakePHP

Well as I have posted earlier too...I have created a site in two languages. One with URL www.mainDomain.com (English) and other with www.fr.subDomain.com (French).
Both are done in CakePHP; in French I have just changed the views of it to French. But the problem is, when anybody logs in on the English version and then switches to the French version, the session doesn't recognize it and asks for login again. It has become the biggest bug in the web application which I have done so far.
For that, Swanny told me to go through a link and I did it on my application as it was said on the link. Apparently, it worked for login, which shared the session between two domains (main domain and its subdomain). But when I checked it thoroughly, I recognized that both the sites are throwing the latest NEWS from Database, both data are different. Just to check if I was wrong I changed some save variable to database in the session array. But now it refused to remember anything (session). Could anyone suggest what could be the problem with this and how I can resolve this?
Thanks in advance
I'm not sure I completely understand, but I'm gonna try. I think this is about a PHP setting called session.cookie_domain.
Assuming your websites have the following URLs:
http://www.example.org/
http://fr.example.org/
http://de.example.org/
The setting you want is: .example.org.
You can adjust this in php.ini, a .htaccess file or even in PHP itself:
<?php ini_set('session.cookie_domain', '.example.org'); ?>
If your websites run on two completely different domains, e.g.:
http://example1.org/
http://example2.org/
... then there is no way to share the cookie between these two different domains.
@dooltaz That is a great solution. The issue is that Cake seems to be setting the cookie after me. What I did instead is send the user to a redirect method and then move the cookie setting to the afterFilter
function afterFilter() {
    if (!empty($this->params['url']['session_key'])) {
        // Setup variables here...
        setcookie(Configure::read('Session.cookie'), $this->params['url']['session_key'], time()+360000, '/');
        // Cake's cookie method will put your cookie name in [] so it does not work.
    }
}
(Also fixed typo in your code..)
If you have two different domains, I would suggest the following:
On "www.mainDomain.com", put a link to the "www.fr.subDomain.com" site and pass the cookie in your view file:
$session_cookie = $_COOKIE[Configure::read('Session.cookie')];
echo $html->link('See French Site', 'http://www.fr.subDomain.com/?session_key='.$session_cookie);
Then on the french site add a bit of code to mimic the cookies in the app_controller.php > beforeFilter().
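function beforeFilter() {
    if (!empty($this->params['url']['session_key'])) {
        // Setup variables here...
        $session_cookie = $this->params['url']['session_key'];
        // $domain must be set to this site's cookie domain before this call.
        setcookie(Configure::read('Session.cookie'), $session_cookie, time()+360000, '/', $domain);
        // You could use CAKE's setcookie command here.
    }
}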
Now that the cookies match up, you will have to either use database sessions or the cake file based sessions. Read the instructions in core.php to set those up.
This should allow you to basically share the same session over various sites. I'm actually in the middle of implementing ACL over multiple sites with a single login. It can get to be a bit tricky, but just do it step by step, you'll do fine. Also don't be afraid to jump into the Cake core code to see how it works.
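The link in the answer above carries the session cookie value itself in the query string, where it ends up in server logs, browser history and Referer headers. As an added example, not part of the original answer: a short-lived, single-use handoff token that stands in for the session ID in that link. It assumes PHP 7.1 or later and a store shared by both sites (the answer already calls for shared database or file sessions); issue_handoff(), redeem_handoff() and the in-memory $store are hypothetical names.

```php
<?php
// Added example, not the answer's code. $store is a constructed in-memory
// stand-in for a table that both sites can read and write.

// Called on the first site when rendering the link to the second site.
function issue_handoff(array &$store, string $sessionId, int $now, int $ttl = 30): string
{
    $token = bin2hex(random_bytes(32)); // unguessable and unrelated to the session ID
    // Store only a hash of the token, so a leaked table row cannot be replayed.
    $store[hash('sha256', $token)] = ['sid' => $sessionId, 'exp' => $now + $ttl];
    return $token; // this value goes in the URL instead of the session cookie value
}

// Called on the second site; returns the session ID to adopt, or null.
function redeem_handoff(array &$store, string $token, int $now): ?string
{
    $key = hash('sha256', $token);
    if (!isset($store[$key])) {
        return null; // unknown token, or one that was already used
    }
    $entry = $store[$key];
    unset($store[$key]); // single use: a copied or logged URL is rejected
    return $entry['exp'] >= $now ? $entry['sid'] : null; // reject expired tokens
}

// Constructed walk-through with fixed timestamps.
$store = [];
$token = issue_handoff($store, 'constructed-session-id', 1000);
var_dump(redeem_handoff($store, $token, 1010)); // first use, inside the 30 s window
var_dump(redeem_handoff($store, $token, 1011)); // same token presented again

$late = issue_handoff($store, 'constructed-session-id', 1000);
var_dump(redeem_handoff($store, $late, 1100));  // presented after expiry
```

On the receiving site, the value returned by redeem_handoff() is what would be passed to setcookie() in beforeFilter(), and a null result means the visitor is sent to the normal login page.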
