I'm setting up a connection to an IdP with Sustainsys SAML2, using the Saml2AuthenticationModule and Sustainsys.Saml2.HttpModule.
Since I want metadata returned, I need to change the
AttributeConsumingService index from 0 (the default) to 1.
I tried to find a way to change it, without success. Does anyone know how?
<AttributeConsumingService index="0" isDefault="true">
<ServiceName xml:lang="en">SP</ServiceName>
<RequestedAttribute isRequired="true" Name=...
...
You can configure the value in Startup.cs
.AddSaml2("IDP", "IDP", opt =>
{
    // Service-provider side of the SAML2 exchange: who we are (EntityId),
    // where the user lands after sign-in (ReturnUrl) and the path under
    // which the SAML2 endpoints are exposed (ModulePath).
    opt.SPOptions = new Sustainsys.Saml2.Configuration.SPOptions
    {
        EntityId = new EntityId(ipdUrl),
        ReturnUrl = new Uri(webSiteUrl),
        ModulePath = string.Format("/saml2/{0}", "idp"),
        // Outgoing AuthnRequests are always signed.
        AuthenticateRequestSigningBehavior = SigningBehavior.Always,
        // NOTE(review): this lowers the weakest signature algorithm accepted
        // on incoming messages to RSA-SHA1. SHA-1 is no longer considered
        // collision-resistant, so keep this line only while the IdP cannot
        // sign with SHA-256 ("http://www.w3.org/2001/04/xmldsig-more#rsa-sha256")
        // and remove it afterwards. Presumably the library default is
        // stricter than SHA-1; confirm for the version in use.
        MinIncomingSigningAlgorithm = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
    };

    // The single attribute requested from the IdP: an optional "email".
    var emailAttribute = new RequestedAttribute("email")
    {
        FriendlyName = "Email",
        NameFormat = RequestedAttribute.AttributeNameFormatBasic,
        IsRequired = false
    };

    // AttributeConsumingService published in the SP metadata. Index is set
    // to 1 here instead of being left at its default, and the entry is
    // marked as the default service.
    var consumingService = new AttributeConsumingService();
    consumingService.RequestedAttributes.Add(emailAttribute);
    consumingService.ServiceNames.Add(new LocalizedName("Required attributes", "en"));
    consumingService.IsRequired = true;
    consumingService.Index = 1;
    consumingService.IsDefault = true;

    opt.SPOptions.AttributeConsumingServices.Add(consumingService);
});
Using the MVC @Html.DevExpress().ColorEdit component, I couldn't find a way to detect a color change made by the user. There is no "ClientSideEvents" on this control. The DevExpress Help mentions a "ColorChanged" event, but after an exhaustive search I couldn't find anything related. Below is the code that is working:
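@Html.DevExpress().ColorEdit(settings => {
    // Renders the editor only: no client-side event handler is attached in
    // this version, so script on the page is not told when the color changes.
    settings.Name = "ColorEdit";
    settings.Properties.AllowUserInput = true;
    settings.ClientEnabled = true;
}).GetHtml()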
You can find the "ColorChanged" event in "Properties". Also make sure to set the property "EnableClientSideAPI" to true.
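@Html.DevExpress().ColorEdit(settings => {
    settings.Name = "ColorEdit";
    settings.Properties.AllowUserInput = true;
    settings.ClientEnabled = true;
    // The client-side API has to be switched on for the handler below to be used.
    settings.Properties.EnableClientSideAPI = true;
    // Name of the JavaScript function on the page that is called when the
    // selected color changes.
    settings.Properties.ClientSideEvents.ColorChanged = "onColorChanged";
}).GetHtml()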
Javascript:
/**
 * Handler wired to the ColorEdit control's ColorChanged client-side event.
 * Shows a fixed message; neither argument is read.
 *
 * @param s first argument supplied by the control (presumably the sender)
 * @param e second argument supplied by the control (presumably the event data)
 */
function onColorChanged(s, e) {
    var message = "color has changed";
    alert(message);
}
I know this question has already been answered, but that answer is for PHP users. I'm using ASP.NET and this error keeps happening. I tried to look for the config in the CKFinderScripts folder, but there is no such config (the 2nd version has one, and I don't understand why this version doesn't). I created a config in aspx myself but it still doesn't work.
<%# Control Language="C#" EnableViewState="false" AutoEventWireup="false" Inherits="CKFinder.Settings.ConfigFile" %>
<%# Import Namespace="CKFinder.Settings" %>
<script runat="server">
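/**
 * Decides whether the current request may upload and access files through
 * CKFinder.
 *
 * Returns true only when the session holds the boolean flag "IsAuthorized"
 * with the value true. A missing flag, or a value that is not a bool,
 * denies access, so the check fails closed.
 */
public override bool CheckAuthentication()
{
    // Returning a constant "true" here lets anyone upload and list files on
    // the server. The application is expected to set
    // Session[ "IsAuthorized" ] = true as soon as the user logs on, and to
    // clear it again on logoff.
    object isAuthorized = Session[ "IsAuthorized" ];

    // The type test avoids an InvalidCastException when something other
    // than a bool was stored under the key.
    return isAuthorized is bool && (bool)isAuthorized;
}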
/**
* All configuration settings must be defined here.
*
* Sets the license fields, the base URL/directory, plugin settings,
* thumbnail and image limits, the upload hardening switches, one ACL entry
* and three resource types ("Files", "Images", "Flash").
*/
public override void SetConfig()
{
// Paste your license name and key here. If left blank, CKFinder will
// be fully functional, in Demo Mode.
LicenseName = "";
LicenseKey = "";
// The base URL used to reach files in CKFinder through the browser.
// NOTE(review): everything stored under this URL is reachable from the
// browser, so the extension lists further down decide what uploaded
// content can be served back to visitors.
BaseUrl = "/ckfinder/userfiles/";
// The physical directory in the server where the file will end up. If
// blank, CKFinder attempts to resolve BaseUrl.
BaseDir = "";
// Optional: enable extra plugins (remember to copy .dll files first).
Plugins = new string[] {
// "CKFinder.Plugins.FileEditor, CKFinder_FileEditor",
// "CKFinder.Plugins.ImageResize, CKFinder_ImageResize",
// "CKFinder.Plugins.Watermark, CKFinder_Watermark"
};
// Settings for extra plugins.
PluginSettings = new Hashtable();
PluginSettings.Add("ImageResize_smallThumb", "90x90" );
PluginSettings.Add("ImageResize_mediumThumb", "120x120" );
PluginSettings.Add("ImageResize_largeThumb", "180x180" );
// Name of the watermark image in plugins/watermark folder
PluginSettings.Add("Watermark_source", "logo.gif" );
PluginSettings.Add("Watermark_marginRight", "5" );
PluginSettings.Add("Watermark_marginBottom", "5" );
PluginSettings.Add("Watermark_quality", "90" );
PluginSettings.Add("Watermark_transparency", "80" );
// Thumbnail settings.
// "Url" is used to reach the thumbnails with the browser, while "Dir"
// points to the physical location of the thumbnail files in the server.
Thumbnails.Url = BaseUrl + "_thumbs/";
// Thumbnails.Dir is only assigned when an explicit BaseDir was given.
if ( BaseDir != "" ) {
Thumbnails.Dir = BaseDir + "_thumbs/";
}
Thumbnails.Enabled = true;
Thumbnails.DirectAccess = false;
Thumbnails.MaxWidth = 100;
Thumbnails.MaxHeight = 100;
Thumbnails.Quality = 80;
// Set the maximum size of uploaded images. If an uploaded image is
// larger, it gets scaled down proportionally. Set to 0 to disable this
// feature.
Images.MaxWidth = 1600;
Images.MaxHeight = 1200;
Images.Quality = 80;
// Indicates that the file size (MaxSize) for images must be checked only
// after scaling them. Otherwise, it is checked right after uploading.
CheckSizeAfterScaling = true;
// Increases the security on an IIS web server.
// If enabled, CKFinder will disallow creating folders and uploading files whose names contain characters
// that are not safe under an IIS 6.0 web server.
DisallowUnsafeCharacters = true;
// If CheckDoubleExtension is enabled, each part of the file name after a dot is
// checked, not only the last part. In this way, uploading foo.php.rar would be
// denied, because "php" is on the denied extensions list.
// This option is used only if ForceSingleExtension is set to false.
// NOTE(review): ForceSingleExtension is set to true just below, so by the
// sentence above this option is not used with the current settings.
CheckDoubleExtension = true;
// Due to security issues with Apache modules, it is recommended to leave the
// following setting enabled. It can be safely disabled on IIS.
ForceSingleExtension = true;
// For security, HTML is allowed in the first Kb of data for files having the
// following extensions only.
HtmlExtensions = new string[] { "html", "htm", "xml", "js" };
// Folders to not display in CKFinder, no matter their location. No
// paths are accepted, only the folder name.
// The * and ? wildcards are accepted.
// By default folders starting with a dot character are disallowed.
HideFolders = new string[] { ".*", "CVS" };
// Files to not display in CKFinder, no matter their location. No
// paths are accepted, only the file name, including extension.
// The * and ? wildcards are accepted.
HideFiles = new string[] { ".*" };
// Perform additional checks for image files.
SecureImageUploads = true;
// Enables protection in the connector.
// The default CSRF protection mechanism is based on double submit cookies, where
// connector checks if the request contains a valid token that matches the token
// sent in the cookie
//
// https://www.owasp.org/index.php/Cross-Site_Request_Forgery_%28CSRF%29_Prevention_Cheat_Sheet#Double_Submit_Cookies
EnableCsrfProtection = true;
// The session variable name that CKFinder must use to retrieve the
// "role" of the current user. The "role" is optional and can be used
// in the "AccessControl" settings (below in this file).
RoleSessionVar = "CKFinder_UserRole";
// ACL (Access Control) settings. Used to restrict access or features
// to specific folders.
// Several "AccessControl.Add()" calls can be made, which return a
// single ACL setting object to be configured. All properties settings
// are optional in that object.
// Subfolders inherit their default settings from their parents' definitions.
//
// - The "Role" property accepts the special "*" value, which means
// "everybody".
// - The "ResourceType" attribute accepts the special value "*", which
// means "all resource types".
// NOTE(review): this single entry grants every role every permission,
// including rename and delete, on "/" for all resource types. With this
// ACL the result of CheckAuthentication() is the only access gate, so a
// CheckAuthentication() that admits everyone exposes upload and delete to
// anonymous visitors. Consider narrowing the entry per role.
AccessControl acl = AccessControl.Add();
acl.Role = "*";
acl.ResourceType = "*";
acl.Folder = "/";
acl.FolderView = true;
acl.FolderCreate = true;
acl.FolderRename = true;
acl.FolderDelete = true;
acl.FileView = true;
acl.FileUpload = true;
acl.FileRename = true;
acl.FileDelete = true;
// Resource Type settings.
// A resource type is nothing more than a way to group files under
// different paths, each one having different configuration settings.
// Each resource type name must be unique.
// When loading CKFinder, the "type" querystring parameter can be used
// to display a specific type only. If "type" is omitted in the URL,
// the "DefaultResourceTypes" settings is used (may contain the
// resource type names separated by a comma). If left empty, all types
// are loaded.
// ==============================================================================
// ATTENTION: Flash files with `swf' extension, just like HTML files, can be used
// to execute JavaScript code and to e.g. perform an XSS attack. Grant permission
// to upload `.swf` files only if you understand and can accept this risk.
// ==============================================================================
DefaultResourceTypes = "";
ResourceType type;
// "Files": general documents and media.
// NOTE(review): "swf" is on this allow-list even though the warning above
// asks for it to be granted deliberately; remove it unless it is needed.
// NOTE(review): MaxSize is 0 for every resource type, which presumably
// means no upload size limit; confirm and set a limit if so.
type = ResourceType.Add( "Files" );
type.Url = BaseUrl + "files/";
type.Dir = BaseDir == "" ? "" : BaseDir + "files/";
type.MaxSize = 0;
type.AllowedExtensions = new string[] { "7z", "aiff", "asf", "avi", "bmp", "csv", "doc", "docx", "fla", "flv", "gif", "gz", "gzip", "jpeg", "jpg", "mid", "mov", "mp3", "mp4", "mpc", "mpeg", "mpg", "ods", "odt", "pdf", "png", "ppt", "pptx", "pxd", "qt", "ram", "rar", "rm", "rmi", "rmvb", "rtf", "sdc", "sitd", "swf", "sxc", "sxw", "tar", "tgz", "tif", "tiff", "txt", "vsd", "wav", "wma", "wmv", "xls", "xlsx", "zip" };
type.DeniedExtensions = new string[] { };
// "Images": raster image formats only.
type = ResourceType.Add( "Images" );
type.Url = BaseUrl + "images/";
type.Dir = BaseDir == "" ? "" : BaseDir + "images/";
type.MaxSize = 0;
type.AllowedExtensions = new string[] { "bmp", "gif", "jpeg", "jpg", "png" };
type.DeniedExtensions = new string[] { };
// "Flash": accepts "swf" and "flv"; the ATTENTION note above applies to
// the "swf" entry.
type = ResourceType.Add( "Flash" );
type.Url = BaseUrl + "flash/";
type.Dir = BaseDir == "" ? "" : BaseDir + "flash/";
type.MaxSize = 0;
type.AllowedExtensions = new string[] { "swf", "flv" };
type.DeniedExtensions = new string[] { };
}
</script>
CKFinder 3 doesn't use config.aspx; it uses web.config. If you are using CKFinder as a standalone application, please see: https://docs.ckeditor.com/ckfinder/ckfinder3-net/quickstart.html#quickstart_configuration_authentication. Putting * in the value of <add key="ckfinderAllowedRole" value="" /> will fix the problem, but please note that everyone will then have access to your CKFinder. While this approach may be good for testing, you should create your own authentication mechanism before going to production: https://docs.ckeditor.com/ckfinder/ckfinder3-net/howto.html#howto_custom_authenticator
If your CKFinder is integrated into application e.g. you have used basic MVC template together with NuGet packages then it is the application which controls access to its resources and in order to get to CKFinder, you need to log into your application (simple as that). If you have any extra access levels where you can define what user can access or not, this is something, you figure out and configure on your own.
Ok i need to update field Active to True this is code
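/// <summary>
/// Activates the user whose e-mail activation code equals
/// <paramref name="ActivationCode"/>, saves the change and installs the
/// membership cookie for that user.
/// </summary>
/// <param name="ActivationCode">Activation code to look up in Users.EmailActivation.</param>
/// <returns>
/// true when a matching user was found and activated; false when no user
/// has that activation code.
/// </returns>
public static bool FirstLogin(Guid ActivationCode)
{
    using (InfinityNightDataContext data = new InfinityNightDataContext())
    {
        // SingleOrDefault yields null when nothing matches. Single() throws
        // in that case, which made the null check and the "return false"
        // branch unreachable. More than one match still throws.
        User user = data.Users.SingleOrDefault(u => u.EmailActivation == ActivationCode);
        if (user == null)
        {
            return false;
        }

        // NOTE(review): nothing here checks whether the account is already
        // active or invalidates the code after use, so the same activation
        // code keeps signing the user in. Consider rejecting codes of
        // already-active accounts.
        user.Active = true;
        user.Exp = "i HAs here";
        data.SubmitChanges();

        // NOTE(review): user.Password is handed to InstallMembershipCookie,
        // whose body is not visible here. Confirm that neither the password
        // nor its hash ends up in the cookie.
        InstallMembershipCookie(user.UserId, user.Email, user.Password, user.UserType, user.FirstName, user.UserImg, "", true);
        return true;
    }
}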
After data.SubmitChanges(); I can see the changes on the user object but not in the database. In another function this works, but in this case it doesn't.
Does anyone know what the problem is?
One possible option (as you haven't said much about your setup): Are you using a local database, or a user instance, i.e. does your connection string contain AttachDbFileName? If so is there another copy of the database in your active bin folder (bin\debug, for instance)? If there is can you attach that to SQL express and see if your change has appeared?
I have a site behind basic authentication (IIS6).
Part of this site calls a web service that is also part of the site and thus behind basic authentication as well.
However, when this happens the calling code receives a 401 Authentication Error.
I've tried a couple of things, with the general recommendation being code like this:
// Create the web-service proxy, ask it to send credentials with the first
// request, and call the service.
Service.ServiceName proxy = new Service.ServiceName
{
    PreAuthenticate = true,
    // NOTE(review): DefaultCredentials are the credentials of the security
    // context the code runs under and are used for NTLM, Negotiate and
    // Kerberos. They do not carry the user name and password that the
    // browser sent for Basic authentication, which is consistent with the
    // 401 described here.
    Credentials = System.Net.CredentialCache.DefaultCredentials
};
proxy.Method("Test");
However, this does not seem to resolve my problem.
Any advice?
Edit
This seems to be a not uncommon issue but so far I have found no solutions.
Here is one thread on the topic.
Solution: (I am almost certain this will help someone)
See this link for the source of this solution in VB (thanks jshardy!), all I did was convert to C#.
NB: You must be using ONLY basic authentication on IIS for this to work, but it can probably be adapted. You also need to pass a Page instance in, or at least the Request.ServerVariables property (or use 'this' if called from a Page code-behind directly). I'd tidy this up and probably remove the use of references but this is a faithful translation of the original solution and you can make any amendments necessary.
/// <summary>
/// Calls the local web service, authenticating with the Basic credentials
/// taken from the request of the given page.
/// </summary>
/// <param name="p">Page whose request carries the Basic authentication data.</param>
public static void ServiceCall(Page p)
{
    LocalServices.ServiceName proxy = new LocalServices.ServiceName
    {
        PreAuthenticate = true /* Not sure if required */
    };

    // Filled in by GetBasicCredentials; all three stay empty when p is null.
    string username = "", password = "", domain = "";
    GetBasicCredentials(p, ref username, ref password, ref domain);

    // NOTE(review): this replays the visitor's plaintext Basic password to
    // another endpoint. Keep the service on the same site and on HTTPS, and
    // never write these values to logs or traces.
    proxy.Credentials = new NetworkCredential(username, password, domain);
    proxy.ServiceMethod();
}
/* Converted from: http://forums.asp.net/t/1172902.aspx */
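/// <summary>
/// Reads the Basic authentication user name, password and domain of the
/// current request from the server variables of <paramref name="p"/>.
/// </summary>
/// <param name="p">Page whose Request.ServerVariables are read; when null the ref arguments are left untouched.</param>
/// <param name="rstrUser">Receives the user name without the domain part.</param>
/// <param name="rstrPassword">Receives the password in clear text.</param>
/// <param name="rstrDomain">Receives the domain, or "" when the user name has none.</param>
private static void GetBasicCredentials(Page p, ref string rstrUser, ref string rstrPassword, ref string rstrDomain)
{
    if (p == null)
    {
        return;
    }

    rstrDomain = "";
    // Missing server variables are normalized to "" so the helpers below
    // never receive null.
    rstrUser = p.Request.ServerVariables["AUTH_USER"] ?? "";
    rstrPassword = p.Request.ServerVariables["AUTH_PASSWORD"] ?? "";
    SplitDomainUserName(rstrUser, ref rstrDomain, ref rstrUser);

    /* MSDN KB article 835388
       BUG: The Request.ServerVariables("AUTH_PASSWORD") object does not display certain characters from an ASPX page */
    // The Authorization header is supplied by the client, so it is parsed
    // defensively: the scheme must be "Basic" followed by a space (compared
    // ordinally, ignoring case), and a malformed base64 payload or a payload
    // without ':' leaves the AUTH_PASSWORD value in place instead of throwing.
    const string lstrScheme = "Basic ";
    string lstrHeader = p.Request.ServerVariables["HTTP_AUTHORIZATION"];
    if (!string.IsNullOrEmpty(lstrHeader) && lstrHeader.StartsWith(lstrScheme, StringComparison.OrdinalIgnoreCase))
    {
        try
        {
            byte[] lbytTicket = Convert.FromBase64String(lstrHeader.Substring(lstrScheme.Length).Trim());
            string lstrTicket = System.Text.Encoding.Default.GetString(lbytTicket);
            int lnColonPos = lstrTicket.IndexOf(':');
            if (lnColonPos >= 0)
            {
                // Everything after the first ':' is the password.
                rstrPassword = lstrTicket.Substring(lnColonPos + 1);
            }
        }
        catch (FormatException)
        {
            // Not valid base64: keep whatever AUTH_PASSWORD provided.
        }
    }

    /* At least on my XP Pro machine AUTH_USER is not set (probably because we're using Forms authentication
       But if the password is set (either by AUTH_PASSWORD or HTTP_AUTHORIZATION)
       then we can use LOGON_USER*/
    if (string.IsNullOrEmpty(rstrUser) && !string.IsNullOrEmpty(rstrPassword))
    {
        rstrUser = p.Request.ServerVariables["LOGON_USER"] ?? "";
        SplitDomainUserName(rstrUser, ref rstrDomain, ref rstrUser);
    }
}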
/* Converted from: http://forums.asp.net/t/1172902.aspx */
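/// <summary>
/// Splits a "DOMAIN\user" name at its first backslash.
/// </summary>
/// <param name="pstrDomainUserName">Name to split; null is treated as "".</param>
/// <param name="rstrDomainName">Receives the part before the backslash, or "" when there is none.</param>
/// <param name="rstrUserName">Receives the part after the backslash, or the whole input when there is none.</param>
private static void SplitDomainUserName(string pstrDomainUserName, ref string rstrDomainName, ref string rstrUserName)
{
    // A missing server variable can arrive here as null; normalizing it
    // avoids a NullReferenceException on IndexOf.
    string lstrFullName = pstrDomainUserName ?? "";

    rstrDomainName = "";
    rstrUserName = lstrFullName;

    // The char overload searches ordinally, independent of the current culture.
    int lnSlashPos = lstrFullName.IndexOf('\\');

    // "> 0" on purpose: a name that starts with a backslash has no domain
    // part and is returned unchanged as the user name.
    if (lnSlashPos > 0)
    {
        rstrDomainName = lstrFullName.Substring(0, lnSlashPos);
        rstrUserName = lstrFullName.Substring(lnSlashPos + 1);
    }
}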
The Line:
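// DefaultCredentials is a static property of CredentialCache, so it is read
// without parentheses.
s.Credentials = System.Net.CredentialCache.DefaultCredentials;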
Maybe you should try :
// NOTE(review): User.Identity is an IIdentity. It exposes the authenticated
// name but no password, and IIdentity is not an ICredentials implementation,
// so presumably this assignment does not compile against a proxy whose
// Credentials property expects ICredentials. Confirm before relying on it.
s.Credentials = HttpContext.Current.User.Identity;