I installed 2 of the simplesamlphp program (1 as IDP and the other as SP) in my sharing host using method 13.1 in the installation documentation due to my site being a shared hosting account and unable to symlink the directory.
https://simplesamlphp.org/docs/1.13/simplesamlphp-install
When I tried authentication testing from the sp site (sp.test.com/simplesaml/), it shows '403 Forbidden' but if test as idp (idp.test.com/simplesaml) the authentication page work and will redirect to the login page.
Tried changing POST to Redirect, remove .htaccess, changing to another type of authentication but still showing the 403 forbidden when clicking the authentication link.
Anyone have any idea on fixing this issue? Thank you.
Have solved the issue.
Contacted hostgator and they had whitelist mod security rule that being hit by the script. So now working fine.
Related
I wasn't exactly sure how to best describe the title of the question for the issue I am having, anyways this is the problem I am encountering, I have searched for a couple of hours and could not find an answer.
I am building and app which is passing through the Azure AD sign in and redirecting back after a successful handshake. All works fine when using https://localhost:port as my RedirectURI in Azure, for example:
Under Web Redirect URIs this following works just fine:
https://localhost:7280/signin-oidc
I login with my AD credentials and I am redirected back to my app's landing page, so all good there.
The problem is however, when I use the following in the hosts file, I am just redirected back to the Azure AD sign in page, even though when I check the azure sign in logs, it states the login was successful.
Question: Is it possible to use a custom URI using the hosts file in a local development environment, when developing an app passing through an Azure sign in? Or am I restricted to using https://localhost:portNumber for my web redirectURIs? Thanks in advance.
Here is the hosts file and the web RedirectURIs in Azure. As mentioned earlier, https://localhost:port works fine. Note: I already have an SSL Certificate for the local development environment which is fine.
My hosts file:
127.0.0.1 dev.operations.co.uk
My web redirectUri(s) in Azure which I have tested:
https://dev.operations.co.uk/signin-oidc
https://dev.operations.co.uk/
I restored the Test DNN Website and Database on local machine but still it is redirecting to Test Url.
Please help me run the DNN Website on Local Machine.
I change the PortalAlias, PortalSettings, webconfig pointing to Local Database. But still not resolved.
following message appears, when I enter my email for Login:
https://login.microsoftonline.com/XXXXXX-XXXX-44e7-XXXX-7de5c833XXXX/oauth2/authorize?scope=email&client_id=3b8a260d-PPPP-420a-PPPP-efd8cad8XXXX&redirect_uri=https%3a%2f%2fuattest.tio.com%2fLogin&state=Azure&response_type=code&login_hint=arsalan.amin#tio.com
https%3a%2f%2fdnn.localhost.com
https%3a%2f%2fuattest.tio.com
AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: 'XXXXXXXX-XXXX-420a-XXXX-efd8cadPPPPP'.
Configuration in .net framework generally we only need to modify the redirecturl.
Make sure the redirecturl in project same as azure portal, your issue should be solved.
Solution:
After you restored website, please check the RedirectUrl.
Click App registrations, and check Authentication->Platform configurations->Redirect URIs.
I am trying to authenticate my Azure Web App. Follow this doc
In my Azure Portal, I've selected "Authenticate / Authorization" for my Web App.
After I configure my Microsoft Account Authentication Settings with Client ID/Key from the App Registration page, I save the settings page and I'll see an error:
The errors says:
Failed to save Auth Settings for WebApp App:
{"Code":"Conflict","Message":"Cannot update the site 'WebApp' because
Authentication / Authorization was configured with an invalid issuer
URL ''. The URL must be well-formed, absolute, and use the HTTPS
scheme.","Target":null,"Details":[{"Message":"Cannot update the site
'WebApp' because Authentication / Authorization was configured with an
invalid issuer URL ''. The URL must be well-formed, absolute, and use
the HTTPS
scheme."},{"Code":"Conflict"},{"ErrorEntity":{"ExtendedCode":"04530","MessageTemplate":"Cannot
update the site '{0}' because Authentication / Authorization was
configured with an invalid issuer URL '{1}'. The URL must be
well-formed, absolute, and use the HTTPS
scheme.","Parameters":["WebApp",""],"Code":"Conflict","Message":"Cannot
update the site 'WebApp' because Authentication / Authorization was
configured with an invalid issuer URL ''. The URL must be well-formed,
absolute, and use the HTTPS scheme."}}],"Innererror":null}
I'm not sure what's the "invalid issuer URL" the issue is referring to.
This issue is not a general issue. This article is absolutely correct.
So I suggest you try to use another location to deploy your Web App and configure the Applicaiton again.
Also, this issue should be temporary, I have reported this.
Hope this helps!
I'm on the App Service team. This is a known issue which we are working to address - the behavior should be temporary. Our apologies for any issues this has caused.
I do not recommend the solution of moving to another region, as this is not guaranteed to work, and sites that do see resolution in this way may break again.
Please find our recommended workaround instructions in my response to this forum post.
For me it worked to add AAD as an auth provider with the default setting even though I'm not using it. I was then able to save my Facebook auth settings. This is a temporary workaround.
This answer from this discussion. Edit field "issuer" not working for me.
I have a website working fine on IIS manager. I created a new site with it sharing the same IP and port. For the host header I put in the domain to the site. When i currently go to the domain i get a
403 - Forbidden: Access is denied.
You do not have permission to view this directory or page using the credentials that you supplied.
I checked to make sure anonymous is enabled and setup but still no luck. it doesn't ask for credentials when accessing the site.
At this point i'm not sure what else to do. Does anyone have ideas that I could try?
After spending some time in my domain service site. I apparently put in the wrong IP address to the website server and instead was pointing towards my exchange server.
I am running into an issue with logging into an ASP.NET MVC web site using Forms Authentication while running on Azure using a CNAME to redirect my domain to the url of the Azure application. For clarity on how I am setup the following blog post explains how I am setup. http://blog.smarx.com/posts/custom-domain-names-in-windows-azure
The problem:
When I enter my credentials and click submit on the login form, the login in the code successfully executes and redirects to the Home page however, it appears that the browser does not think it is logged in. I can tell this because a logged in user will only have the option to log out, but I am seeing the login link. So maybe it is my code right? Well maybe, and I hope it is but what I have noticed is that the problem only occurs if I am trying to login from my domain "www.MyDomain.com". If I use the Azure url mydomain.cloudapp.net, then the login in works fine. The other interesting part is if I login from mydomain.cloudapp.net and then navigate to www.MyDomain.com I see that I am logged in and everything works properly.
Please help.
Thank you very much,
Tom
It's hard to pinpoint your exact problem here. You can have a look at Lokad.Translate: it's a simple open source ASP.NET MVC app designed for Azure. It works with Forms authentication, and our implementation appears to be running fine with the CNAME redirects. You could try to reproduce our setup for your own needs.