How can I be informed when logged out by server in Meteor - meteor

I often got a message like the following when using my Meteor app:
09-15 22:42:52.400 3233 3233 I chromium: [INFO:CONSOLE(970)] "Error logging in with token: Error: You've been logged out by the server. Please log in again. [403]", source: http://localhost:12056/packages/meteor.js?hash=9725414143125e6990547986c27b473f43c89e8b (970)
I think it's because the token has expired for some reason (for example, when I use Accounts.setPassword to change the user's password by force on the server side, I will surely get this at the next login attempt).
I don't want to know how to solve this; I want to know if there is an event or something else by which I can be informed when logged out by the server, because I decide whether to go to the "main" page or the "login" page by whether Meteor.userId() has a value. When logged out by the server, even though Meteor.userId() has a value, the last login state is already invalid and re-login is needed.

Related

login_throttling is reset by correct username/password

I have added login throttling to my Symfony app. If I try to log in 5 times in a row in the same minute with invalid credentials, I get a TooManyLoginAttemptsAuthenticationException in the onAuthenticationFailure method of my authenticator. So far so good.
But if I try to log in with correct credentials in the same minute after the TooManyLoginAttemptsAuthenticationException, I was expecting to get the same error, but I'm actually successfully logged in.
Am I missing something?

Can't reset user's password in Google Identity Toolkit: "CAPTCHA_CHECK_FAILED"

I'm trying to set up my Google Identity Toolkit so users can reset their passwords. I'm following the documentation here: https://developers.google.com/identity/toolkit/web/required-endpoints#send_email_url
I'm using the PHP Gitkit Client outlined here: https://github.com/google/identity-toolkit-php-client/blob/master/src/GitkitClient.php
Specifically the function getOobResults() on line 307 seems to be unhappy for some reason. Here's where I'm at:
User sets up account and logs in successfully
User then logs out and starts to log back in, enters email in and clicks "Forgot password"
reCaptcha is shown, click check box and then hit continue
At this point my 'Send Email URL' endpoint (gitkitEmail.php) is successfully called and the following POST is sent to it (dropping the full '&response' param since it goes on for a while):
action=resetPassword&email=xodfebefa%40nada.ltd&challenge&response=03ACgFB9tGlNt2KAGhrVY....
I then take that string and parse it using parse_str(), since getOobResults() is looking for an array. However, the response I get back is always:
{
  "response_body": {
    "error": "CAPTCHA_CHECK_FAILED"
  }
}
I searched around but can't find any details on this error. Any help would be appreciated. I don't have a reCaptcha setup anywhere on my site, unsure if this is expecting me to do that and that's why it's failing? Also, I did bump all my code to a production environment and got the same error there as I did on my localhost.

Maximo Anywhere online-offline login issue

I am using Maximo Anywhere 7.5.2.0 - Work Execution App
The issue is that the online/offline login sometimes fails. The first time the app was flashed onto the iPad, I was able to log in to the app in both modes, online and offline. After some time I am not able to log in. I get the "The user name and password combination that you entered is not valid" error even with correct credentials.
I have enclosed the logs here.
Object {errorMsg: "The user name and password combination that you entered is not valid."} "
----------------------------------------
rejected at Object.<anonymous> (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/js/platform/auth/UserAuthenticationManager.js:498:17)
at http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:285161
at _7c0 (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:273376)
at _7ba (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:273240)
at _7d8.reject (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:274951)
at _7c6 (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:274017)
at _7c0 (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:273657)
at _7ba (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:273240)
at _7d8.reject (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:274951)
at AbstractChallengeHandler.<anonymous> (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/js/platform/auth/CustomChallengeHandler.js:98:18)
----------------------------------------
Error
at Promise.then._7cd.then (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:275189)
at declare.loginClickHandler (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/js/platform/handlers/LoginHandler.js:78:4)
at null.<anonymous> (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/js/platform/ui/control/UserInterface.js:850:47)
at HTMLButtonElement.<anonymous> (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:285161)
at Function.on.emit (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:557950)
at null.<anonymous> (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/js/platform/ui/control/UserInterface.js:139:12)
at HTMLFormElement.<anonymous> (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:285161)"_1047 # dojo.js:2(anonymous function) # dojo.js:2_142.filter # dojo.js:2_1055 # dojo.js:2
dojo.js:2 Object {responseJSON: Object, status: 401} "
----------------------------------------
rejected at AbstractChallengeHandler.<anonymous> (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/js/platform/auth/CustomChallengeHandler.js:98:18)
at http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:285161
at onLoginFormResponse (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/worklight/worklight.js:9549:5)
at klass.window.WLJSX.Ajax.Request.WLJSX.Class.create.respondToReadyState (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/worklight/worklight.js:1184:28)
at klass.window.WLJSX.Ajax.Request.WLJSX.Class.create.onStateChange (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/worklight/worklight.js:1117:9)
at XMLHttpRequest.<anonymous> (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/worklight/worklight.js:958:20)
----------------------------------------
Error
at Promise.then._7cd.then (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:275189)
at Object.<anonymous> (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/js/platform/auth/UserAuthenticationManager.js:400:52)
at http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:285161
at _7c0 (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:273376)
at Promise.then._7cd.then (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:275270)
at Object.lang.mixin._realmAuthentication (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/js/platform/auth/UserAuthenticationManager.js:398:4)
at Object.<anonymous> (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/js/platform/auth/UserAuthenticationManager.js:343:10)
at http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:285161
at _7c0 (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:273376)
at Promise.then._7cd.then (http://11.11.11.11:0989/MaximoAnywhere/apps/services/preview/WorkExecution/common/0/default/dojo/dojo.js:2:275270)
Even a different user with correct credentials is not able to log in. It starts working only after I restart the server. I face this issue very often. Kindly advise.
Any help would be appreciated.
Thanks in advance
Offline login requires that you have logged in previously as this user before. It stores this information in the localStorage of the application. If offline login seems to be breaking on iOS, this might be a known issue that we've found and fixed as an iFix.
The first time you log in, you must have a server connection to download the data initially and validate your username/password.
Are you using an embedded worklight or standalone worklight server? You should check the server logs to see if the server is actually running while you're trying to login as the second user.
UPDATE:
The only thing I can think of here is that your worklight server is failing to respond to the initial WL.Client.connect somehow. Either it's too slow, or maybe running out of heap space. So when it's time to actually try and WL.login with our challenge handler, that handshaking has failed.
Check the heap size of your worklight server and make sure it's large enough.
Check the connect timeout in our Startup.js file being used with the WL.Client.connect method, and bump it way up to be larger and see if it fixes the problem.

Firebase: How do I implement secure session tracking?

EDIT: To try to simplify this question... at a very basic level, and I believe this has to be a fairly basic need of a session system... how do we have a SECURE session tracker without breaking onDisconnect functionality? If you add security rules, onDisconnect doesn't work, if you DON'T add security rules anyone can "spoof" a login session by writing to the unprotected table or deleting someone else's presence.
I'm trying to solve a problem where "onDisconnect" is not being called because my security rules only allow the logged in user to write their presence data in /sessions/$userid/"true" ... onDisconnect works so long as that user is logged in, but if that user closes their browser AFTER they have been logged out, or logged out due to timeout, onDisconnect gets blocked by the security rules.
At first I thought... "oh, I can just trace back to where logout happens and put in another clean up of session presence there." but had I thought that through more I would realize that the auth = new FirebaseSimpleLogin callback "else" block seems to be the only way to detect log outs. ON TOP OF THAT, the callback is returned AFTER the logout occurs so that returns me to square one where I need to be logged in so that the onDisconnect call can remove my session, but by this time, I'm already logged out.
Am I missing something? Is there a pre-logout call I'm not aware of? Is there something special I can do in the security rules file that will allow onDisconnect to remove sessions post logout?
Here is the security rules block I have for the "table" in question:
"sessions": {
  "$user": {
    ".write": "$user == auth.uid"
  }
},
And in the JS it's just simple:
var con = ref.sessions[user].push(true);
con.onDisconnect().remove();
And as expected, since I'm not logged in onDisconnect I get:
FIREBASE WARNING: set at /sessions/simplelogin:16 failed: permission_denied
EDIT: What's with the downvote? =/
I'd suggest removing the presence bit before calling logout().
If you then want to track "presence" of a logged out user, you could either set a new presence bit as an un-authed user, or you could log in anonymously:
https://www.firebase.com/docs/security/simple-login-anonymous.html
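The ordering suggested in the answer, as an added example that is not code from the original posts: `logoutCleanly` accepts any objects exposing the legacy `remove(onComplete)` and `logout()` calls. `FakeAuth` and `FakePresenceRef` are constructed in-memory stand-ins that enforce the question's `$user == auth.uid` write rule so the script runs offline.

```javascript
// Added illustration. FakeAuth and FakePresenceRef are constructed stand-ins
// (not the Firebase SDK) that enforce ".write": "$user == auth.uid" in memory.
class FakeAuth {
  constructor(uid) { this.uid = uid; }
  logout() { this.uid = null; }
}

class FakePresenceRef {
  constructor(owner, auth, store) {
    this.owner = owner; this.auth = auth; this.store = store;
    store[owner] = true; // presence bit written while still logged in
  }
  // Same callback shape as the legacy ref.remove(onComplete).
  remove(onComplete) {
    const allowed = this.auth.uid === this.owner; // $user == auth.uid
    if (allowed) delete this.store[this.owner];
    onComplete(allowed ? null : new Error('permission_denied'));
  }
}

// The answer's ordering: delete presence while authenticated, then log out.
function logoutCleanly(presenceRef, auth, done) {
  presenceRef.remove((err) => {
    auth.logout(); // log out either way; report whether cleanup succeeded
    done(err);
  });
}

// The ordering from the question: log out first, so cleanup runs unauthenticated.
function logoutThenCleanup(presenceRef, auth, done) {
  auth.logout();
  presenceRef.remove(done);
}

// Runs one strategy against a fresh store and reports what is left behind.
function demo(strategy) {
  const store = {};
  const auth = new FakeAuth('simplelogin:16'); // uid taken from the warning above
  const ref = new FakePresenceRef('simplelogin:16', auth, store);
  let result;
  strategy(ref, auth, (err) => { result = err ? err.message : 'removed'; });
  return { result, stale: Object.keys(store) };
}

console.log(demo(logoutCleanly));     // presence removed, nothing stale
console.log(demo(logoutThenCleanup)); // write denied, stale session remains
```

The write rule stays in place, so other clients still cannot delete or forge this user's presence entry.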

Report-bulk-objects in Adobe Connect

I would like to get a list of meetings on the server; however, when I do a https://example.com/api/xml?action=report-bulk-objects&filter-type=meeting, replacing the domain with my Connect domain, I get an access denied response. I am signed in to the Connect workspace and I am in the admin group. What could be the cause of this?
response:
<results>
<status code="no-access" subcode="denied"/>
</results>
This should work if you're in the admin group, logged in, and submitting the request from the same browser that's logged in. You might try adding the session parameter to your request ("&session=breez123abc456def")
The value of the parameter must be that of the BREEZESESSION cookie set by the Connect server on your authenticated session. One of several ways to discover that is with the common-info API method: https://connect.example.com/api/xml?action=common-info It'll be in the /results/common/cookie element.
If this still isn't working, check the debug.log on the server(s) for the failing request; there should be additional information there.
