I'm trying to retrieve user and password from the url http://user:password#domain.com using nginx but I cannot find these variables name in nginx documentation or google.
Is there anyway to achieve this or to get the url that the user has truly typed in his browser ( i.e. http://user:password#domain.com ) ?
Many thanks for your help!
Ok, in fact my problem was related to the fact that my browser (FireFox) seems to not handle request like http://user:password#domain.com anymore.
I have tried curl and nginx successfully pass user and password to php.
#user1723580 The basic authentication in URL is working fine in Firefox event on the latest Nightly version.
Related
When app is running without nginx then Flask forms work fine. But when I use NGINX then i get "{'csrf_token': ['The CSRF tokens do not match.']}" error every time I try to submit the form.
What could be an issue?
I have tried:
to clear all the cookies from the browser.
submit the form while accessing an app in incognito mode.
reviewed all of the forums in stackoverflow that are related with this issue.
Nothing helped. What could be an issue here?
I found out the answer in this article: https://nickjanetakis.com/blog/fix-missing-csrf-token-issues-with-flask
Appearantly Flask does not loke (cookie likewise) to use IP addresses as SERVER_NAME parameter. So at least set it to localhost.domain or something similar and everything will be ok :)
i already tried to find an answer here on nearly at any place at the web, but didn't find an answer that helped me out here - so i'm trying it here with this question:
i have to to get some information from a server in a domain, using https via indy components and the windows authentication. that's working quite fine (via IdHTTP1.Get(sURI)), the server logs are showing this (domain/user/request) and the response is always valid.
afterwards i try to post now some new values to the requested data, but this fails, since i get a "401" authenticaion error. BasicAuthentication=false, and HTTPOptions=[hoInProcessAuth,hoForceEncodeParams] via IdHTTP1.Post(sURI, Req_Json), where Req_Json is a UTF-8 encoded TStringStream. Now (and only when trying to POST) the IdHTTP1Authorization event is triggered twice, even if I do a handled=true there (read somewhere in a forum) it fails, if I do nothing there I get the same result: 401. There were some tips about the IdHTTP1SelectAuthorization event, but with that I had no luck, too.
Any ideas, where to start to get this solved? If there are any questions open, don't hesitate to ask!
p.s.: trying to post the same information via postman works correctly - so i guess it's about delphi/indy ...
I have been trying to enable HTTPS login on alfresco but it seems to be a challenge to get it working.
I can access my website via HTTPS and get the login page, but when I login with the correct credentials I get the following error :
Something's wrong with this page...
We may have hit an error or something might have been removed or deleted, so check that the URL is correct.
Alternatively you might not have permission to view the page (it could be on a private site) or there could have been an internal error. Try checking with your IT team.
If you're trying to get to your home page and it's no longer available you should change it by clicking your name on the toolbar.
I must login in HTTP then refresh my HTTPS page to be connected in HTTPS.
I have already seen what the offical doc says and tested it but it didn't work.
Has anyone an idea on how to fix the problem ?
Thanks
The alfresco.log / catalina.out should tell your more.
Where / how did you set up https? Have a a reverse proxy like nginx or apache in front of the alfresco tomcat?
If the log says something like "CSRF Token Filter issue" then you need to set share.host / port / protocol in alfresco-global.properties as seen from the browser.
What is to be done?
We have an application deployed on the Sharepoint (corporate) Server which uses the windows credentials to log into the application.
App URL format: http://testmachine:1000/sites/test/
Windows Credentials Format: user_id#domain.co.in
The objective is to perform the load/performance testing on the application (especially the log in functionality) for such n number of users.
Normally when I hit the app URL in the Firefox/IE, it pops up a window asking for credentials. I enter the credentials, browse the app and then log out. I intend to capture this in JMeter and simulate this for large number of users.
Where I’m stuck?
Now I start the JMeter proxy server, and then try the same steps as above. But when the pop up window appears, JMeter simply doesn’t record the it nor it does record anything else after the login.
What I’ve tried?
If I try the same steps after enabling “Automatically detect intranet network” in IE, then it simply auto detects my windows credentials (No credentials pop-up), logs me into the app (this is not recorded in JMeter either) and takes me to the home page. And any page thereafter I hit gets recorded in JMeter.
I’ve also tried to use the HTTP Authorization Manager using following parameters:
BaseURL : http://testmachine:1000/sites/test/
Username: DOMAIN\USER_ID
Password: i_wont_tell_you
Domain: \
Realm:
It didn't help. I am quite confused about how-to-use the above element. And not even sure whether its a right approach to get the solution to my problem.
Any help/suggestions?
P.S. I know about a tool called Badboy, but have to go for it as a last resource. Also not even sure if it records the pop windows.
And sorry if the post is verbose.
UPDATE:
I have also tried -
Username: USER_ID and Domain: my_company_domain
But this is not the actual problem. Problem is, when I try to hit the pages (automation) which I've recorded previously return success response even if I haven't used the HTTP Authorization Manager. I'm not sure what I'm missing.
OK. Finally I got what was missing.
First, I had to change the implementation of every request to HttpClient3.1
Second, it was really frustrating to see that JMeter documentation was misleading.
It says that the config file httpclient.parameters, should be edited as following:
http.authentication.preemptive$Boolean=false
But it didn't work. Changing it to true worked like a charm.
Hope this helps other people.
JMeter works at the HTTP layer so the proxy will only capture requests made over this protocol layer. It sounds to me like you have already found the right approach to use for recording by using '“Automatically detect intranet network” in IE', you can use this method to capture most requests and you will have to figure out authentication manually. How you do this depends on how your application communicates with your server to authenticate a user.
I know that there are many questions like this, but most seem to be older.
I know all about setting up my web app on the above services, and have seen that most require a valid domain for a callback [www.abc.com/oauthReturn.aspx].
What do I need to do in order to test locally, where the return URL would be: http://localhost:0000/oauthReturn.aspx ?
You can't use http://127.0.0.1 in Yahoo - not a valid URL.
I'm running asp.net/VB.net, IIS7. Localhost runs Windows 7 & Prod server runs Windows 2008 server.
When I try accessing the microsoft site, I get an error message, after I sign in, about not allowing localhost.
Any help is appreciated.
Thanx
Jerry
Try following the instructions here. Make sure to read all the way to the bottom where they suggest registering the localhost call back URL in bit.ly (or some other URL shortener) and using the bit.ly link as the call back URL.