I set up the OpenAM Server and Apache + Agent.
It worked fine.
But, my boss dislike the Long URL String when the first attempt occurred(Log-in Page).
I mean...
The User try to open www.example.com.
The Apache Agent redirect to OpenAM Log-in Page.
In this situation, the Browser shows the URL such as openam.example.com/openam/UI/Login? + Long Query String : module, locale, goto, etc... parameters
This URL String is made by Apache Agent... Right?
So, Should I modify Agent codes(C?) and rebuild them?
Related
I'm working on an IIS redirection rule where I've the following website:
https://www.test.com/smart/frid/index.html
to be redirected to the following:
https://mysmart.test.com/frid/index.html
Providing that, the parameter in the old url should be send to the new one too
For example:
https://www.test.com/smart/frid/index.html?id=260&z=3L&hsnr=3-bis
Here is the current settings:
Before you begin, understand the following process before hand and let me know if its confusing.
Application Request Routing (ARR) is an IIS extension which handles URL redirecting and rewriting features at IIS level. URL Rewrite is another extension that sets up rules using which ARR does redirection. With these steps, you can create a pattern rule on the source website. ARR will match incoming requests' URL with the URL pattern you have configured on that website. If the pattern matches, ARR can redirect the requests to destination website along with the parameters. The destination website's URL is also configured in that rule.
IIS supports these extensions which you can download. Download and install them, then they will be available when you re-open the IIS Manager program.
Once these extensions are installed, re-open IIS Manager, select the root node of websites in left side i.e. the name of your machine, then in middle section of IIS Manager, you should be able to see Application Request Routing Cache feature. Double click to open it, click on Server Proxy settings on the right, on next screen, enable the checkbox for "Enable Proxy". After that you need to add a redirection rule on the source website from which you want to transfer to destination website. For that, select the source website in IIS Manager, then in middle section of IIS where all features are listed, look for URL Rewrite, open it.
On the top Right hand side Click on Add Rule(s)… and then select Inbound Blank rule -> ok.
Note: You should create Inbound rule not outbound.
Fill the details that resembles something as follows
Name : AnyNameYouPrefer
Requested URL : Matches the Pattern
Using : Regular Expressions
Pattern : ^smart/(.*)
Ignore Case : checked
Action type: Redirect
Rewrite URL : https://mysmart.test.com/{R:1}
Append Query string : checked
Here I have written that all incoming requests' URL must have smart/ in it along with some parameters after slash "/". These requests will be transferred to destination which is specified in "Rewrite URL".
{R:1} means the URL portion that remains after that matching pattern which need to be carried from source URL to destination URL.
We are currently looking at identifying the best approach to carry out a redirection of a url folder to another url folder o a separate domain. We have tried a few options but have been unable to make this work. Any other redirection options such as apache, html etc are not possible. This url is only accessed through the browser by an application to download some files. This application cannot be changed but needs to download these files from another location.
Hence, we need to redirect the following:
https://sub1.domain1.com/xyz
to
https://sub2.domain2.com/abc/xyz
Any ideas how we can achieve this?
Note: we have full control of DNS of the domain1 and there are no plans to use this domain.
You can't do that with DNS alone. The DNS never sees the "path" part of the URL. You need a webserver aware of the situation who can provide a 302 redirect.
I'm working with MicroStrategy 10.3, hosted on IIS 7.5. I'm using their
URL API to run a document, and change the value of a drop down selector.
IIS is tinkering with my query parameters though, via a 302 redirect. This URL:
https://server/MicroStrategy/asp/Main.aspx?Server=XXX&Project=XXX&evt=2048001&src=Main.aspx.2048001&maxWait=-1&documentID=XXX&evt=2048084&src=Main.aspx.oivm.rwb.2048084&ctlKey=XXX&elemList=hXX;XXX&evtorder=2048001%2c2048084&2048084=1&2048001=1
is being 302'ed to:
https://server/MicroStrategy/asp/Main.aspx?Server=XXX&Project=XXX&evt=2048001%2C2048084&src=Main.aspx.2048001%2CMain.aspx.oivm.rwb.2048084&maxWait=-1&documentID=XXX&ctlKey=XXX&elemList=hXX%3BXXX&evtorder=2048001%2C2048084&2048084=1&2048001=1
(The two distinct evt and src are being combined, and MicroStrategy is complaining that 'Event ID 2048001,2048084 is illegal'.)
Does IIS do this type of thing out of the box? It certainly seems unlikely. I can't see any custom HTTP redirects in IIS Manager for the application.
IIS was most definitely not the culprit.
MicroStrategy was generating the 302 redirect itself, subsequent to an automated login. You would think that an enterprise application wouldn't rewrite its own URL such that it causes an error, but you'd be wrong.
I resolved the issue by manually adding a login event, and URL-encoding the two events I wanted to call into the target key:
https://server/MicroStrategy/asp/Main.aspx?Server=XXX&Project=XXX&evt=3054&src=Main.aspx.3054&target=evt%3D2048001%26src%3DMain.aspx.2048001%26maxWait%3D-1%26documentID%3DXXX%26evt%3D2048084%26src%3DMain.aspx.oivm.rwb.2048084%26ctlKey%3DXXX%26elemList%3DhXX%3BXXX%26evtorder%3D2048001%252c2048084%262048084%3D1%262048001%3D1
I recently configured OpenAm (v13.0) following this vendor documentaion https://backstage.forgerock.com/docs/openam/13/getting-started. My user agent url is A) http://www.example.com:8000/ and my OpenAm url is B) http://openam.example.com:9090/openam. When I access my agent url, A, my OpenAm web Agent successfully redirect to my OpenAm url, B, as it supposes work.
However when tries to login as user 'demo' and password 'changeit' as instructed in the documentaion, the page hangs and it repeated try to the console url in rapid successions as shown in the following image.
My hunch is, user agent is working fine but the fault must be with some configuration of the OpenAm console. Can you suggest what needs to changed in OpenAm console?
Thanks..
Fixed. I have made a mistake while configuring OpenAm. It is imperative to use the URL, 'http://openam.example.com:9090/openam/'. My mistake was, I've configured OpenAm in the URL http://localhost:9090/openam/.
This is emphasised in the documenation, under the point, 1.4.3. Here is the link,
https://backstage.forgerock.com/docs/openam/13/getting-started#install-openam
Looks like it is very useful for newbies when they're configuring OpenAm.
I have 2 sites running on one instance of IIS 7.
A.site.com
B.site.com
These sites use forms authentication and there is one form for logging in on site A.
So if i try to access a restricted page on site B with URL
B.site.com/TEST/
i get redirected to
A.site.com/login.aspx?ReturnUrl=%2TEST%2f
I can then enter username and password to authenticate. So far so good.
After authentication I get redirected to
A.site.com/TEST/
instead of
B.site.com/TEST/.
Can anyone tell me how i can get around this problem and make IIS redirect me to the correct page?
Note: the authentication works fine - i can go to the page B.site.com/TEST/ and i am no longer redirected to the login page. So the problem is just redirecting to the wrong site or the value of ReturnUrl should not be a relative path.
A workaround might be to force the user to go back to the last page using JS instead. Not a great answer though i admit. I think this is an IIS bug since the documentation to set up forms authentication with different sub-domains does not mention this problem at all.
EDIT:
A better answer is change the loginUrl to include the domain.
loginUrl="https://A.site.com/Login.aspx?domain=B.site.com"
Then handle the redirect client side