I am trying to custmoize the User Flows (Policies) by changing the Page layout. I followed this example, first putting my html file on a public folder on my webspace, then also setting up the Blob Storare and CORS (Tested with test-cors.org).
In both cases, once I set the Custom page URI, when I Run user flow I get the following exception:
ArgumentException: An item with the same key has already been added. Key: MicrosoftIdentityError
System.Collections.Generic.Dictionary<TKey, TValue>.TryInsert(TKey key, TValue value, InsertionBehavior behavior)
System.Collections.Generic.Dictionary<TKey, TValue>.Add(TKey key, TValue value)
Microsoft.AspNetCore.Mvc.ViewFeatures.TempDataDictionary.Add(string key, object value)
Microsoft.Identity.Web.TempDataLoginErrorAccessor.SetMessage(HttpContext context, string message)
Microsoft.Identity.Web.AzureADB2COpenIDConnectEventHandlers.OnRemoteFailure(RemoteFailureContext context)
Microsoft.Identity.Web.MicrosoftIdentityWebAppAuthenticationBuilderExtensions+<>c__DisplayClass5_2+<<AddMicrosoftIdentityWebAppInternal>b__5>d.MoveNext()
Microsoft.AspNetCore.Authentication.RemoteAuthenticationHandler<TOptions>.HandleRequestAsync()
Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
If I load it through my DemoApp I get the following error:
Message contains error: 'server_error', error_description: 'AADB2C90047: The resource 'https://emab2cblobstorage.blob.core.windows.net/root/customize-ui.html' contains script errors preventing it from being loaded. Correlation ID: ba1a35d8-4727-4a2a-b06e-30a5ca7a9ea1 Timestamp: 2021-03-15 13:49:30Z ', error_uri: 'error_uri is null'.
Don't find any help on the web.
Edit:
This are the Azure CORS settings:
I don't see the correct Access-Control-Allow-Origin header coming back when I make a request to your HTML.
Add https://your-tenant-name.b2clogin.com to the Allowed Origins on the storage account.
https://learn.microsoft.com/en-gb/azure/active-directory-b2c/customize-ui-with-html?pivots=b2c-user-flow#3-configure-cors
I found out the problem. When I set up the CORS settings i did not read Use all lowercase letters when entering your tenant name of the guide. If uppercase letters are used, this exception is thrown. Switching to lowercase was the key!
Related
I created a class in my Parse Server, using the Parse Dashboard, and then I changed the Class Level Permissions to allow only one user to perform read and write operations in the documents of this class:
The user that is supposed to have access to this class was also created manually through the Parse Dashboard and it looks like this:
However, when I try to query documents from this class, using this user in specific, I keep getting the error message "Permission denied for action find on class Person". This is how my code to login and query the class looks like:
const Person = Parse.Object.extend('Person')
Parse.Object.registerSubclass('Person', Person)
Parse.User.logIn('username', 'password').then(user => {
console.log('E-mail: ' + user.getEmail())
console.log('Created: ' + user.createdAt)
console.log('Current: ' + user.isCurrent())
console.log('Authenticated: ' + user.authenticated())
const query = new Parse.Query(Person)
query.equalTo('name', 'John')
return query.find()
})
I included a bunch of console.log's to check what information about the user is being printed and I confirm that the login seems to complete successfully because the fields email and createdAt match the information that I see in the Parse Dashboard. However, the field authenticated and current both return false, but I don't know why. I was expecting them to return true.
This is the only place in the application that I try to login the Parse Server and perform an operation that is restricted to only one user. Any idea why I'm getting this "Permission denied for action find on class Person" error?
I guess that this is related to security. Generally Parse will not allow a user to get data about any other user, unless you do some actions - e.g. - allow it from the dashboard. But anyway I guess that you have to do it one by one.
I have a swift project with 3 entities in my xcdatamodeld: Access, CustomerInfo and User. I am trying to save the dateEndSubscription separately in the User. When I am trying to save , I get error as : Terminating app due to uncaught exception 'NSUnknownKeyException', reason: '[ setValue:forUndefinedKey:]: the entity User is not key value coding-compliant for the key "dateEndSubscription".' Anyone please help to solve it in swift4.
The json message contains the key dateEndSubscription but the attribute in your User entity is named dateEnd so they doesn’t match.
A few options to solve this in your saveUser method
Change API.DateEnd to dateEnd but maybe that will infer with the decoding of the json message.
Don't use API key but instead hardcode attribute name
user.setValue(dateEnd, forKey: "dateEnd")
and lastly use the property of the User class directly
user.dateEnd = dateEnd
You need to change saveCustomerInformation as well since you are working with a User object there as well although it's unclear why.
According to their API documentation, the field of errorType can return either N, S, or U. I assume N = None because that's returned upon success.
What do S and U mean?
From a Beanstream integration document:
The errorType response variable will indicate “U” if a form field error
occurs. The errorFields variable will contain a list of fields that failed validation. errorMessage will contain descriptive text that may be displayed to customers if desired.
And:
System generated errors can be identified in a Server to Server integration by a response message “errorType=S” in the Beanstream response string. If a system generated error occurs, validate your integration and website setup.
DataServiceRequestException was unhandled by user code. An error occurred while processing this request.
This is in relation to the previous post I added
public void AddEmailAddress(EmailAddressEntity emailAddressTobeAdded)
{
AddObject("EmailAddress", emailAddressTobeAdded);
SaveChanges();
}
Again the code breaks and gives a new exception this time. Last time it was Storage Client Exception, now it is DataServiceRequestException. Code breaks at SaveChanges.
Surprisingly, solution is same. CamelCasing is not supported. So the code works if "EmailAddress" is changed to "Emailaddress" or "emailaddress"
More details
http://weblogs.asp.net/chanderdhall/archive/2010/07/10/dataservicerequestexception-was-unhandled-by-user-code-an-error-occurred-while-processing-this-request.aspx
Because you've tagged this with "azure" and "table," I'm going to assume this code results in a call to Windows Azure tables. If so, I can assure you that camel casing table names is indeed supported. However, the string you pass to AddObject has to match a table that you've created, so make sure the code where you create the table is using the same casing.
I am developing a web app by using Grails and using Grails LDAP as my Authentication mechanism. However, i always get following error:
{Error 500: Cannot pass null or empty values to constructor
Servlet: default
URI: /ldap-app/j_spring_security_check
Exception Message: Cannot pass null or empty values to constructor
Caused by: Cannot pass null or empty values to constructor
Class: GrailsAuthenticationProcessingFilter }
My SecurityConfig.groovy file is :
security {
// see DefaultSecurityConfig.groovy for all settable/overridable properties
active = true
loginUserDomainClass = "User"
authorityDomainClass = "Role"
requestMapClass = "Requestmap"
useLdap = true
ldapRetrieveDatabaseRoles = false
ldapRetrieveGroupRoles = false
ldapServer = 'ldap://worf-mi.dapc.kao.au:389'
ldapManagerDn = 'CN=sa-ldap-its,OU=Unix Servers for Kerberos,OU=Information Technology Services,OU=Special Accounts,DC=nexus,DC=dpac,DC=cn'
ldapManagerPassword = 'Asdf1234'
ldapSearchBase = 'OU=People,DC=nexus,DC=dpac,DC=cn'
ldapSearchFilter = '(&(cn={0})(objectClass=user))'
}
I had the same problem, read the solution above and did something else. Instead of modifying GrailsUserImpl.java I simply switched the password in the user table from NULL to '' (empty String). Since the password is not used for LDAP, the emptry string will be transmitted (instead of the NULL value) which has the same effect as
super(username, "", enabled, accountNonExpired,
credentialsNonExpired, accountNonLocked, authorities);
but it doesnt affect the source code. This worked for my project, hope it helped too.
Steven
i had the same problem and found a solution.
This error occurs, because the Acegi-Plugin tries to store the Ldap-users password into the User-object.
In fact depending on settings of the LDAP-Server it is not allowed to retrieve the password, so an empty value is given to the constructor, as the errormessage tells.
The fix i found is not really nice, but helps to get the plugin up and running. You have to change one field in the following file:
~/.grails//projects//plugins/acegi-0.5.3/src/java/org/codehaus/groovy/grails/plugins/springsecurity/GrailsUserImpl.java
or on windows:
C:/Users//.grails//projects//plugins/acegi-0.5.3/src/java/org/codehaus/groovy/grails/plugins/springsecurity/GrailsUserImpl.java
Constructor GrailsUserImpl() has the following body:
super(username, password, enabled, accountNonExpired,
credentialsNonExpired, accountNonLocked, authorities);
which has to be changed to:
super(username, "", enabled, accountNonExpired,
credentialsNonExpired, accountNonLocked, authorities);
Unfortunately this has to be done for every developer-client and every new project.. But it gets the ldap auth to run finally.
As i read they are working on this bug and try to fix it with version 0.6 of the plugin.
Hope i could help.
br,
Tim
Just add "ldapUsePassword = false " in your securityconfig file:
Setting ldapUsePassword to false is
important too. What we’re telling the
Acegi plugin is not to extract the
users password from Active Directory.
If you don’t set this to false, you’ll
get a lovely exception which isn’t
particularly useful,
java.lang.IllegalArgumentException:
Cannot pass null or empty values to
constructor. What this is trying to
tell you is that the users password is
null, which is correct since the
default setting for the Acegi plugin
is to try to extract the users
password from Active Directory, and we
haven’t told Acegi what attribute
Active Directory stores the password
in. By setting ldapUsePassword to
false, the plugin provides a bogus
password for the user details, and
we’re able to proceed without incident