I'm implementing LiveID authentication on my website. I've done it before, but not on this particular platform, MojoPortal.
The sign-in works properly, but when I attempt to sign-out, I get the error message quoted below. My browser is not blocking cookies.
I get the same message when logging in to and out of, say, MSDN with a LiveID too now. I can't figure out if there's something about my site's programming that is interfering with the sign-out process of LiveID (since I believe that all (recent?) websites get sent a sign-out command) OR if live.com is just having issues lately and this is a coincidence.
Couldn't sign you out
We couldn't sign you out because your
browser is blocking cookies. To sign
out, close all of your browser
windows.
To keep this from happening again,
change your browser's settings to
allow cookies. If you don't know how
to do that, see your browser's help.
AFAICT if you block third party cookies — a not uncommon practice — then the Windows Live sign out routine presents a false alarm about signing out. In this situation the advice —
close all of your browser windows
— may be ignored. If you simply proceed to a page that requires a Windows Live ID, the prompt to sign in will appear.
Screen shots at http://www.wuala.com/grahamperrin/public/2010/09/27/a are from Chromium 6.0.443.0 (50323) after clearing all browsing data. I also tested Safari 5.0.2 in Mac OS X 10.6.x and again, found that the false alarm occurs only when third party cookies are blocked.
No mention of third party cookies at any of the following —
Haven't been able to sign out
When I try to close my hotmail, this is what I get: Couldn't sign you out We couldn't sign you out because your browser is blocking cookies. To sign out, close all of your browser windows. …
logout problem - says Couldn't sign you out We couldn't sign you out because your browser is blocking cookies. To sign out, close all of your browser windows. To keep this from happening again, change your browser's settings to allow cookies. If you don't know how to do that, see your browser's help. BUT COOKIES ARE ENABLED OR ELSE I COULDN'T HAVE SIGNED IN! (who can blame them for shouting? ;-)
When signing out of Hotmail I am not being signed out of Windows Live Storage. Refer to displayed messages in the "Add details" section
— so I could be wrong …
This looks like a configuration problem with the rpsserver.xml in your machine
Purge the browser's cookie cache. I seem to recall this error can come up if a corrupted cookie gets written to the local cache.
Related
I have a strange error. When I try to load a public blob from Google Cloud Storage in a browser, I get the error "Your connection is not private".
And more strange, when I go to see the certificate, it is emmited to "*.JUEGOILEGAL.ES". For example https://storage.googleapis.com/ysi_production/newsletter-assets/chica_lupa.png
When I'm connected to wifi, there is no problem, but when I'm connected to mobile data, the error appears. I'm trying with some different network operators from Spain, and with some it happens, and others not. For example, with some MásMóvil and Pepephone it happens, with Movistar not.
What happens?
I suggest you try the following things:
Open the link in Incognito mode
Clear browser cache and cookies
Temporarily turn off your antivirus, just to check if there an issue there
Change DNS settings. For example to the ones provided by Google (8.8.8.8 and 8.8.4.4)
Project Overview:
I have made a Web System by using Django+AngularJS.
The Web System is basically an Authentication Portal, User logs in and does the stuff etc.
Problem Statement:
The problem I am facing is that I have logged out my system successfully and closed the browser. Then I visit the Web Page after a week, when I opened the Link https://www.foo.xyz so normally Login Page should Appear but instead of that it directs me to the Home of the System, which is not normal.
And it keeps happening until and I cleared the Browser's Cache, Restarted the Browser and Reopened the link.
(I used Chrome and Firefox and I am facing the issue in both of them.)
What I need:
First, thing is that I don't why does this happen?
Second, how can I fix it permanently?
As I don't know how you made your web system, I'm going to be assuming a few things here.
Your page keeps the authentication information in cache, so that's why the page goes to the home and doesn't once the cache is deleted. If you want this not to happen, you're gonna need to find some way to auto-remove the authentication from the cache after x amount of time.
It seems keeping all the browsers happy is a challenging task, what with all the security they are adding and the complexities of certificates.
I have a SPA (Vuejs) which is using oidc-client.js to implement OIDC, communicating with an Identity Server (Identity Server 4).
First thing to note is that everything works if I run both client and server on localhost.
It is when I deploy the Identity Server to a Staging Server inside our network that things go awry.
So, the hostname of the Idp now differs to that of the SPA (which would be normal in production).
After much work, I've got everything working except IE11 (yep IE).
I had to do several things to get me there such as:
solve the samesite cookie issue of Chrome
create self-signed certificates and install the root certificate in the Trusted Certificates
add Babel config code and Core.js at the client, to enable IE to not throw errors when promises come into play
So, it's been a long road, yet still, I have to deal with this (see animation):
I just can't quite figure out why IE is doing that.
It is not possible to use the dev tools to see any info.
The logs at the server do not contain any information that seems relevant.
Has anyone else seen these "Browser symptoms" in IE.
Happy to provide more information (code, logs etc.) if people think that will help. Just didn't want to dump all that in the initial question, as many people don't like that.
Here are a couple of Fiddler screenshots. The first is from Chrome:
The second on is for IE11.
For some reason, the Silent Refresh is being invoked over and over again with IE11.
I think I can see what is happening, but not sure how to fix it.
There appears to be 2 calls to the Authorize endpoint which fail, conspicuously missing the .AspNetCore.Antiforgery cookie. This results in 2 invocations of silent-refresh.html.
Then, for some reason there is some king of GET request to the base url of the Idp and immediately following on the heels of that request is a request to the Authorize endpoint which does have the .AspNetCore.Antiforgery cookie.
The ship is set straight until the next call to the Authorize endpoint which is the beginning of the next cycle.
However, with Chrome, after the user is logged in, the next call to the Authorize endpoint does contain the cookie.
So, I guess it is the missing cookie which is the issue.
Perhaps this has something to do with the code which I used from this post to solve the Chrome samesite cookie issue?
Cheers
I'm stumped. We have a client who cannot log in to our system and yet we can log in fine using her credentials. She can also log in fine from her friends home.
Upon entering her credentials the screen simply refreshes and nothing happens when in fact she should be brought to a dashboard page. When I monitor the request via the Chrome web developer tools I can see that the dashboard does get requested after log in but then suddenly we're brought back to the log in page.
Now I've cleared her cache, cookies and all other temporary internet files from both IE9 (her default browser) and Chrome. Nothing happens. I've read that changing session names might help but that did nothing either.
The system is using the newest version of CakePHP (2.2.1) and absolutely any help would be appreciated.
This issue has been solved. Turns out this client in particular had the wrong date and time set on her computer. Upon setting the correct date and time, she has been able to log in absolutely fine since.
Thanks everyone for help!
I can't access the Datastore Admin tab due to a "This webpage has a redirect loop" error and I can't figure out what I'm doing wrong or have set up wrong.
I have Datastore Admin Enabled in my web console.
I've added (although I don't know if this is even necessary):
builtins:
- datastore_admin: on
I've cleared cookies, etc.
Authentication Options is set to Google Accounts API
Has anyone else seen this or know how to fix it?
The issue is being discussed here and I am going to answer it.
http://code.google.com/p/googleappengine/issues/detail?id=4233
First a question. Which browser is this on?
I've had this problem on chrome and it's related to Chrome blocking third-party cookies, over-all a nice thing for it to do. You can add an exception to your third-party cookie settings to make fix the problem.
You need to go to the Chrome settings page. You may need to expand an option called Show advanced settings...
Then look for:
Privacy / Content settings...
Cookies / Manage exceptions...
Then add an exception at the bottom of this list. The exception should look like this:
https://ah-builtin-python-bundle-dot-latest-dot-[YOUR_APP_ID].appspot.com/_ah/datastore_admin/*