I would like to implement the SimpleSamlPHP bundle in my symfony project But, I'm having some issues with the redirect after the login.
Let me explain a little:
I have loaded "simplesamlphp/simplesamlphp" in my composer. So, the bundle sits in the vendor directory.
Then I wrote my own bundle where I configured the simplesaml, made controllers with login actions,...
Everything works (in the sense that I effectively have a button that redirects to the Idp (I configured) and does its thing). But then I get redirected to: http://BASEURL/module.php/saml/sp/saml2-acs.php/IDENTIFIER, which it does not find, because the files are in the vendor bundle.
When reading the documentation carefully, I saw that the baseUrl should point to the simplesaml package. But, because that package is in the vendor, I can't do that.
Is there a way to still use the simpleSAMLphp bundle or do I need to look for a symfony bundle to use simpleSAML?
Thank you.
I highly recommend you to give a try to :
https://www.lightsaml.com
I've tried to do a simple IDP / SP service and it works pretty well and straightforward. Along that I find the website examples also well written so you can start with a base.
If still want to use simplesaml search for "simplesamlphp-bundle" in packagist.org there is at least 3 packages that bundlify this and can help you out to set it up.
Related
Im trying to add some custom javascript to my admin but not having such a good time. What I tried so far is.
Requirements::javascript('../mysite/modules/widgets/widgets/calculator/admin/js/admin.js');
The path is correct because when I do fopen to that it returns true.
I have also tried the following.
LeftAndMain::require_javascript('../mysite/modules/widgets/widgets/calculator/admin/js/admin.js');
Same thing with fopen.
It doesn't give any error niether is it loaded(I checked network tab in dev tools)
The path should be relative to the site root not the cms or framework folders. In other words: 'mysite/modules/widgets/widgets/calculator/admin/js/admin.js'
Depending on your situation, I've had more luck using yml for this. I'm not convinced the dynamic loading always works perfectly on ajax requests. In this case it would look like:
LeftAndMain:
extra_requirements_javascript:
- mysite/modules/widgets/widgets/calculator/admin/js/admin.js
I am trying to understand the example described here.
What is puzzling to me is that there is apparently no code. I run the spring-security-samples-insecuremvc-3.2.x within Tomcat and a form is presented to interact with but there is no Java code whatsoever as far as I can see. I can't even find the form. I realize that the code must be in one of the dependencies but I am baffled at how this all works.
Spring does generate/provide a default login form if it's configured to do form-based login and no custom login form is configured.
Sidenote: how to create and configure a custom login form is, for example, explained here: http://docs.spring.io/spring-security/site/docs/3.2.x/guides/form.html (to long to be copy/pasted here).
I have been looking at this sample today with the same questions as you - where the heck is the source? I finally found the answer I think you're looking for. Take a look at the pom.xml and in the dependencies you'll see spring-security-samples-messages-jc. Assuming you downloaded all the samples, import that project into STS and you'll find the files you're looking for.
BTW, I've been following the instructions on the spring security website to add security to this sample and I have not yet been able to get it to work - the login screen does not appear. Let me know if you have better luck than me.
The default spring security login form is generated by the class org.springframework.security.web.ui.DefaultLoginPageGeneratingFilter which is in spring-security-web-$version.jar
The method is generateLoginPageHtml()
I am building a Symfony2 project, using FosUserbundle and have a serious security issue. When a user tries to connect, it correctly redirects to the home page when the credentials are correct, but most of the time without actually loading the user, still with the anonymous token, not logged.
It sometimes logs me successfully at the first try, usually after 2-4 attempts, sometimes more. It seems to fail 70 to 80% of the time.
There is no error message at all, everything seems to work just fine, except it doesn't. I cloned my project without FosUser, using the login and security system in the cookbook in the documentation on the Symfony website, still the same.
The application has been developed with Symfony 2.3, but upgrading to 2.6 and 2.7 doesn't solve the problem.
The security code is completely vanilla except to extends my template in one twig file, and the behaviour is still the same without the extends.
The config files have been modified according to the FosUserBundle doc.
I am obviously missing something, but no idea what.
After a couple of week, it stopped doing weird stuff, that is good, but no idea why, that is not so good.
As i have said, the config files are straight out off the official doc. If they were at fault, i think that dozens would have had the same issue.
For the curious, it started doing weird stuff while i was playing with websockets and Ratchet. I don't know if it give an idea to someone as to the why.
I'm currently working on symfony2 projects. Each time, the deployment process is a real pain in the back (even with the cookbook advices).
I have this strange feature that I can't explain. My post variables are always empty in some bundles of symfony 2, no matter how I access them ($_POST['foo'] or request->get('foo')). This feature is online only. On my local server, it works perfectly well.
Example 1: coresphere console bundle
I'm using the coresphere console bundle to run command line on my ovh remote server. But the bundle commands were never working (no matter what my installation was) ie my post variables were always empty causing each command to crash. I thought that may be an error in some of my other installed bundles was causing the post variables of the console bundle to be empty. So I installed it on an empty symfony2 project (I even removed Acme and of course I tested that everything was working on my local server before uploading the project). The console still didn't work. My only solution (a bad one though) was to hack the javascript console.js of the bundle and transform the post request into get request. It then worked fine. At this stage I thought: "ok may be the problem comes from ajax post request on ovh?"
Example2: A home made bundle for a project
I build a bundle for a project. In this project I don't use ajax post request at all. And still, my post variables are always empty (I remind that locally, everything works just smoothly). For this bundle I'm using FOSUserBundle with HWIOAuthBundle for authentication (if it has anything to do with that?)
Summary
I'm clueless about what is going on and I would like to have some sort of track to follow. Just as a reminder: I'm using an OVH shared server with the performance package. I can use git up there. But I can't really use console command (even in ssh). So that's why I'm using the coresphere console bundle.
Thank you for your help.
I got a solution for my home made bundle:
The problem was coming from my routing.yml file (in app/config). I was using fosjsrouting and it seems that the routing of fosjsrouting needs to be called at the very end of the routing.yml file (in app/config).
See below:
app/config/routing.yml:
... and at the very end:
fos_js_routing:
resource: "#FOSJsRoutingBundle/Resources/config/routing/routing.xml"
However, I still don't understand the problem with the coresphere bundle. This doesn't solve it.
Please see my DNN Forum Post for more details.
I've never had any issues with DotNetNuke installations. But with the new v5.20 (or v5.02, whichever it really is), everything runs perfectly fine through installation. I then get to the main default portal homepage. But as soon as I click any of the links available to continue (Home, Register or Login) I get 404 errors every time with a reference back to the applicable aspx page (Home.aspx, Register.aspx or Login.aspx.).
Windows 7, IIS7, SQL Server 2008. All permissions are setup properly on the directory and in IIS. I would think this is an IIS7 configuration issue, but I've tweaked everything in there a half-dozen times. No one at DNN is returning answers on my forum post anymore either after one guy tried.
Help!
This is something to do with the Friendly URL stuff. I found this blog post which talks about the Friendly URL Provider architecture. This made me try changing the urlFormat attribute for the DNNFriendlyUrl provider from "humanfriendly" to "searchfriendly", which made the URLs the way they used to be. I'm not sure exactly where things are going wrong and don't really have time to dig into it at the moment, but hopefully this will be helpful to get you moving again too.
With the release of DNN5 (up until 5.02.01 as of the time of writing), the friendly URL provider won't work when DotNetNuke is not on default port 80. There are different solutions floating around, but the simplest is just to replace the DNN friendly URL provider with the free one from iFinity. The installation is really simple and included in the download. Or see the following blog post:
http://www.sailer.com.au/dotnetnuke/dnn5-friendlyurl-port
Okay have you tried the 'old style' of login - domain.com/default.aspx?ctl=login
If that still doesnt work then i have to say that most likely something has happened to IIS - if so then you might just see if you can install the package you have on a different box or have a friend try a different box
I have done 2 upgrades with 5.2 and a few test installs with the Starter Kit Package and Install packages and have never seen this problem - not to say that it doesnt exist.
My next trial would be to go and redownload the install package from CodePlex and start from scratch to see if you can make the same thing happen again.
OKayone thing I dont think that has been mentioned in reading through everything is double check IIS.
My first guess without looking on your server would be to check if something happened to the 'check file exists' setting - i know this is changed in IIS7 so I cant point to the exact place to check this.
Here is a link to the IIS7 forums on it - http://forums.iis.net/t/1092696.aspx
http://forums.asp.net/t/1191083.aspx
either one might help - google also has a lot on this
Tell me how this goes in checking up on it and we can move forward from there!
you probably need to reg_iis on the version(s) of asp.net that your IIS is going to support.
http://msdn.microsoft.com/en-us/library/k6h9cz8h(VS.80).aspx
If the right version is not set up then you will get the 404 error
So placing it under port 80 works, right?
Is there a good reason not putting it under that port?