I'm having problems trying to configure HOTP in openam10. I have configured Adaptive Risk Module and when the login attemp score is low the HOTP login form appears, everything is right by now, but when the use press the "Request OTP code" button nothing happens, no email is received, no error messages in openam logs, ...
Is there any known problem with this feature?
Thanks in advance.
I've never tried HOTP with OpenAM 10 but it works fine with 11. First take a look at the documentation if you haven't done so already.
You can also set the OpenAM server in debug mode to collect more information by going to Configuration > Servers and Sites > SERVER_NAME > General > Debugging and setting the "Debug level" to "message" (A server restart might be required). Then, go through the login process one more time and take a look at the following debug files: Authentication and CoreSystem. You can search for this string: "HTOP:process()", which maps to the auth module entry point, and post the details here.
Hope this helps.
Related
After a user performs a login using the portal LoginPortlet the login does not succeed and a WARN was printed to the log:
User 0 is not allowed to access URL http://localhost:8080/web/guest/login and portlet com_liferay_login_web_portlet_LoginPortlet: User 0 did not provide a valid CSRF token for com.liferay.portlet.SecurityPortletContainerWrapper
After a second login afterwards, the login was ok. The issues only occurs if the login page was opened some minutes and the auth token gets invalidated. This is basically fine, but the portal config portlet.add.default.resource.check.whitelist has an exclude for LoginPortlet. But this whitelist seems not avoid the unwanted check. Are there any other places how the avoid CSRF checking for LoginPortlet?
I could not reproduce this issue, I used this server for testing:
Liferay Community Edition Portal 7.3.5 CE GA6
Here are my steps, please let me know what I should change to experience the issue:
I extracted this zip file to my ubuntu linux pc:
liferay-ce-portal-tomcat-7.3.5-ga6-20200930172312275.tar.gz
Started the server and completed the 1st time setup
I re-started the server and visited localhost:8080 in an Opera browser
Waited 7 minutes
I clicked on "Sign in" in the upper right corner
Waited again 5 minutes
I entered my credentials
Results:
I could log on successfully, there were no errors about CSRF
A couple of suggestions:
A. Do a search for CSRF in:
https://github.com/liferay/liferay-portal/blob/master/portal-impl/src/portal.properties
and see if you can find a property that solves your issue
Such properties can be:
auth.token.impl=com.liferay.portal.security.auth.SessionAuthToken
auth.token.check.enabled=false
auth.token.ignore.origins
B. Maybe you can try to set up something like this in your portal-ext.properties:
portlet.add.default.resource.check.whitelist.actions=/login/login
C. You can do a search in Liferay Jira, for example this ticket talks about something similar:
https://issues.liferay.com/browse/LPS-129976
I can't enter a race, I always get an error saying "Unable to enter on "
Is there an place where I can get any log info?
Any other sugestion?
A couple of things to check:
What server are you trying to race on?
What AI are you trying to race with? Intermediate or Agent?
On the enter race window does your username appear on the bottom left next to a logout button?
The most likely cause of this is either you are not logged in (this should give a different error) or you are using an agent on a local Liberty server and something is preventing the server from starting. If it is an agent AI then you may see errors in your local Eclipse console - to make it visible in the code rally perspective go to window>show view>console. Any log output from the local Liberty server and your AI code will appear there, including any error messages.
I am getting an error saying I am not logged in to the server when attempting to submit my vehicle to the http://challenge-na.coderallycloud.com contest server. When I bring up the server list it shows that I am Online and logged in using my userid.
When I test the connection it is successful.
Unable to submit vehicle (after 10-15 minutes)
Unable to enter ChrisHanksCarOne on NA Contest Service
You need to login to the server before continuing to race. In the Code Rally Developer View choose the server list, right-click on the server and click login.
Sounds like the OAuth login hasn't worked properly, and the Eclipse plugin hasn't detected that. To fix log out from the server and login again (you can do this from the servers window or through the bottom of the enter race window). You should be asked to authenticate with Google, Facebook or Twitter - use the account you registered with on InfoQ and it should work (if not let me know and I can look into it further).
I am getting this error:
API Error Code: 191
API Error Description: The specified URL is not owned by the application
Error Message: Invalid redirect_uri: Given URL is not allowed by the Application configuration.
When browsing to this page.
https://www.facebook.com/dialog/oauth?response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A3000%2Fusers%2Fauth%2Ffacebook%2Fcallback&scope=email%2Cuser_about_me&client_id=clientid&type=web_server
I ofcourse googled around and found this topic:
Facebook API error 191
It says that add your page URL to facebook. I have been going through all tabs in facebook under my created App and there is no input box for page URL.
I also see that this answer is from early 2012 and possibly outdated, how should it be done in 2013?
If you go to "http://developers.facebook.com" you should be able to login, click on "Apps" at the top. From there you can click on "Edit Settings" for the app that you are testing (or creating). I took a screen shot of what that looks like:
My guess is there is an error in the field "App Domains", or in the "Site URL" field. You will want to make sure that your url and domain(s) are correct. Hopefully this helps or at least sets you on the right track.
One more suggestion - it looks like you are testing using "localhost". If you are developing on a windows system you can improve the quality of your tests by editing the hosts file and registering your actual host name. OSX or other operating systems have similar mechanisms for registering a host name. Once you have done this you can bind IIS or Apache to that host by creating a new site (or using the virtual hosts option). After that you should be able to type in a more real looking host name which makes the Facebook authentication work that much better. Best of luck!
Bulding via phonegap.build service simple example(https://github.com/phonegap-build/FacebookConnect/tree/master/example/Simple) from this repo + my config.xml (https://gist.github.com/zulman/5070388)
After tap on login button message informs me about "com.facebook.sdk error 2"
I check all info on github's main page about this error, check stackoverflow entries.
My bundle id is the same on facebook dev page and in config.
My sandbox mode disabled on facebook dev page.
My app ids are equal on js, config and facebook dev page.
How i can get extended error info or way to fix it without using manual building on xcode? Thanks.
I had exactly the same problem.
Check the permissions you are requesting.
Apparently with the newest version of SDK you cannot request write and read permissions during the same request.
For me, requesting "offline_access" was an issue. After removing that one, the error disappeared. Try requesting only the basic permissions (like "email,user_about_me") and see what happens.