I have a Fedlet J2EE application working with OpenAM 10.
I would like to know how I can check if the user is already logged into the OpenAM server.
The goal is to make this check to get the identity attributes without showing again the OpenAM login screen.
Anybody knows how can I check if the user is already logged in a J2EE Fedlet application?
Thanks in advance
The SAML specification allows doing this, the isPassive flag in a SAML AuthnRequest would achieve exactly what you want.
Related
I'm working on a react app where the pages can be used both by authenticated and anonymous users. The pages show more features for the authenticated users.
If a user previously has signed in and revists the website, I want the user to be automatically authenticated, and am struggling to achieve this.
I'm using redirect methods because I don't believe popup is working well on phones (is that assumption correct?).
I have tried storing the homeAccountId in local storage and use that to get the account used and then calling login in the msal instance. I also set up a addEventCallback and listen for EventType.LOGIN_SUCCESS which I use to set some internal state about the logged in user.
I have tried using MsalAuthenticationTemplate but strangely this doesn't invoke a login. I have also tried to detect if this is a "first run" and then invoking the login, but that doesn't work all the time. Sometime I get a SSO error indicating I should provide a login_hint or sid which is not possible because I use B2C.
If I don't do anything the user can click the login button and if the user has a valid cookie with B2C the user is logged in without providing credentials which is a strange behavior for the user because my website indicate the user is not authenticated (and show no logout button).
So I can't really get this to work and are wondering if somebody has a concept for achieving this?
Please checkout the msal-react samples which all demonstrate the behavior you're looking for. The MsalAuthenticationTemplate would be the recommended way to do this and if you're still having issues getting this to work after reviewing the samples I would recommend opening an issue on our repo with code snippets so we can take a closer look at what's going on.
Also using localStorage, if you're not already, would help to maintain application state between browser sessions. sessionStorage is the default.
As for B2C not asking for credentials; server state is separate from client state. You can be signed in on the server without the application knowing about it. Until your application makes a request to the B2C server your application will show that a user is not signed in. If a session already exists on the server when you make a login request, the server may redirect you back to your application without asking for credentials again.
I want to implement a Shibboleth login to parts of a Symfony site. There are a lot of apps using the LDAP accounts, so each app needs to be able to check if the logged in user has access to it (not just check there is a user logged in).
We were looking at using an attribute something like 'unscoped-affiliation' that would have a value of something like "staff;program1;masteradmin;program2" or so. If I am doing the admin for program1, I want to check it is in the list.
Any suggestions?
I am daveloping a JSF application that uses the GlassFish Security Realms for authentication. Everything works fine, but I am facing one problem though. Several users may login with the same credentials at a time.
So: How do I prevent logging in if a user with the same credentials is already logged ?
(lets say I have 3 users that share the same credentials, but I want only one to be able to login at a time)
thanks in advance
I guess it depends on the implementation of the authentication but in general you'll have to keep a "logged in" flag somewhere (e.g. in the user db) and set/check that flag on every login attempt. Furthermore you'll have to set the flag back to false if a user logs out.
Log In site designed using ThinkTecture Identity server API.
LogIn site and customer site are hosted as Azure WebRoles.
After successful Login, its redirecting to customer site. Here i am getting the Logged in user.
var emaild = System.Web.HttpContext.Current.User.Identity.Name.
After few hours I checked the site, Still I was getting the logged In user. I dont know when this Current user session will get expired? If anyone knows please share your views.
Thanks In Advance.
The session has by default the same lifetime as the initial token - which is 10 hours by default. You can change that in idsrv config.
I have created a Facebook application and have an application ID and application secret. Now I want to provide the user with a simple UI in which he/she will fill in the Facebook user name and password. On the proceed button click, how do get his/her authentication token?
So in future I will use the saved token to get particular user information.
Take this Open ID
Check the Answer here this will help you.
The procedure for token set you need to store it via local cookie over client's browser.
That's the step-by-step simple stuff to create this kind of application
Hope this will help you