Display error messages from j_exception on error page on unsuccessful login (JAAS - LoginException Handling) - jsf

Display custom error messages on unsuccessful login using JAAS's j_exception
I have configured Tomcat to work with JAAS to authenticate my users. I have made use of form-based authentication, and hence on unsuccessful login I navigate to an error page. Instead of an error page with a static message, I wish to display appropriate messages like "Invalid username/password" or "User locked" (I lock the user after 5 unsuccessful attempts) etc. from j_exception.
How can I achieve this?
I tried googling around the issue and found the following link
http://www.jroller.com/heonkoo/entry/manipulating_login_exception
But this seems like an old post.
I have been struggling with this for a few days. Any help will be greatly appreciated.

JAAS does not provide a standard way to propagate information to the web layer.
You can use a ThreadLocal to store the exception and read it in your error page.
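
The ThreadLocal hand-off suggested in the answer above, as an added example that is not part of the original post. `LoginFailureHolder`, `record` and `consumeMessage` are hypothetical names, the `login` method is a constructed stand-in for a real `LoginModule.login()`, and the sketch assumes the container runs the login module and renders the form error page on the same request thread.

```java
import javax.security.auth.login.AccountLockedException;
import javax.security.auth.login.FailedLoginException;
import javax.security.auth.login.LoginException;

/** Hypothetical holder: carries the last LoginException from the LoginModule to the error page. */
public final class LoginFailureHolder {
    private static final ThreadLocal<LoginException> LAST = new ThreadLocal<>();

    private LoginFailureHolder() {}

    /** Call from LoginModule.login() just before throwing the exception. */
    public static <E extends LoginException> E record(E e) {
        LAST.set(e);
        return e;
    }

    /** Call from the error page. Always clears the slot, because container threads are pooled
     *  and a stale value would otherwise surface in another user's request. */
    public static String consumeMessage() {
        LoginException e = LAST.get();
        LAST.remove();
        if (e instanceof AccountLockedException) return "User locked";
        if (e instanceof FailedLoginException) return "Invalid username/password";
        return "Login failed"; // never echo e.getMessage(): it may carry internal detail
    }

    // Constructed stand-in for LoginModule.login(); the password and lock threshold are sample values.
    static void login(String user, String password, int failedAttempts) throws LoginException {
        if (failedAttempts >= 5) throw record(new AccountLockedException("locked: " + user));
        if (!"s3cret".equals(password)) throw record(new FailedLoginException("bad password for " + user));
    }

    public static void main(String[] args) {
        // Constructed attempts: user, password, previous failed attempts.
        String[][] attempts = { {"alice", "wrong", "1"}, {"bob", "s3cret", "5"}, {"carol", "s3cret", "0"} };
        for (String[] a : attempts) {
            try {
                login(a[0], a[1], Integer.parseInt(a[2]));
                System.out.println(a[0] + ": ok");
            } catch (LoginException e) {
                System.out.println(a[0] + ": " + consumeMessage()); // what the error page would show
            }
        }
        System.out.println("stale read: " + consumeMessage()); // slot was cleared, so generic text
    }
}
```

Mapping exception types to fixed strings keeps the internal exception text out of the response, and a distinct "User locked" message tells the caller that the account exists, which is worth weighing against the usability gain.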

Related

Azure B2C Custom policy: An exception occurring while implementing the combined signup&signin & invitation URL based signup&signin

I am trying to create a setup where a user can:
1. Sign up & sign in directly from the combined signup&Signin page
2. Signup&signin from the invitation link.
Point one is working perfectly fine using the following files:
BaseFile
ExtensionFile
RPFile
For point 2 I have created:
SignupinviteRPFile
Now, when I click on the invitation URL which is in the following format
https://mytenant.b2clogin.com/mytenant.onmicrosoft.com/B2C_1A_signup_invitation/oauth2/v2.0/authorize?client_id={clientID}&nonce=ca00379642b94aa693a80b66783aa010&redirect_uri=https%3A%2F%2Fmytenant-dev.azurewebsites.net%2Fsignup%2Fuser-invite&scope=openid&response_type=id_token&id_token_hint={SignedJWTToken}
I do get the signup page with a read-only email ID. But once I fill in all the information and click "Create", it gives me the following issue:
Sorry, but we're having trouble signing you in.
We track these errors automatically, but if the problem persists feel free to contact us. In the meantime, please try again.
Correlation ID: 3a9f35e6-51e1-40b7-9ee9-d9c8081ff8d6
Timestamp: 2021-02-03 11:07:20Z
AADB2C: An exception has occurred.
Observations:
The account gets created in the local AD and I can see the user's entry
Following are the three calls from the network logger
/SelfAsserted?tx=StateProperties=eyJUSUQiOiIzYTlmMzVlNi01MWUxLTQwYjctOWVlOS1kOWM4MDgxZmY4ZDYifQ&p=B2C_1A_signup_invitation
2./confirmed?csrf_token=bThiL2hJNXZ4ZFBwSXZ3ZzRLd1lVUExQV2V1T3EzVkNBYUloaEpqWk5lYTBXczAvUW9oSjJMVXBEWWhrenZ1Ymc2SkJNL3N5N0UxNzZYNHBDVDdsaWc9PTsyMDIxLTAyLTAzVDExOjA2OjQ2LjU5NTgzMzVaO2tuVzlHdzdMTDZ1QzMyT1JmRGNZbGc9PTt7IlRhcmdldEVudGl0eSI6IkxvY2FsQWNjb3VudFNpZ25VcFdpdGhSZWFkT25seUVtYWlsIiwiT3JjaGVzdHJhdGlvblN0ZXAiOjN9&tx=StateProperties=eyJUSUQiOiIzYTlmMzVlNi01MWUxLTQwYjctOWVlOS1kOWM4MDgxZmY4ZDYifQ&p=B2C_1A_signup_invitation&diags=%7B%22pageViewId%22%3A%22e25ebe04-1601-460d-b3a8-1d958c8155b8%22%2C%22pageId%22%3A%22SelfAsserted%22%2C%22trace%22%3A%5B%7B%22ac%22%3A%22T005%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A3%7D%2C%7B%22ac%22%3A%22T021%20-%20URL%3Ahttps%3A%2F%2Fmytenant.b2clogin.com%2Fstatic%2Ftenant%2Ftemplates%2FAzureBlue%2FselfAsserted.cshtml%3Fslice%3D001-000%26dc%3DPNQ%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A50%7D%2C%7B%22ac%22%3A%22T019%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A8%7D%2C%7B%22ac%22%3A%22T004%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A2%7D%2C%7B%22ac%22%3A%22T003%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A2%7D%2C%7B%22ac%22%3A%22T035%22%2C%22acST%22%3A1612350410%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T030Online%22%2C%22acST%22%3A1612350410%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T017T010%22%2C%22acST%22%3A1612350438%2C%22acD%22%3A1075%7D%2C%7B%22ac%22%3A%22T002%22%2C%22acST%22%3A1612350440%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T017T010%22%2C%22acST%22%3A1612350438%2C%22acD%22%3A1077%7D%5D%7D
3.client/perftrace?tx=3a9f35e6-51e1-40b7-9ee9-d9c8081ff8d6&p=null
3. Following URL uses GET Method
https://mytenant.b2clogin.com/mytenant.onmicrosoft.com/B2C_1A_signup_invitation/api/SelfAsserted/confirmed?csrf_token=bThiL2hJNXZ4ZFBwSXZ3ZzRLd1lVUExQV2V1T3EzVkNBYUloaEpqWk5lYTBXczAvUW9oSjJMVXBEWWhrenZ1Ymc2SkJNL3N5N0UxNzZYNHBDVDdsaWc9PTsyMDIxLTAyLTAzVDExOjA2OjQ2LjU5NTgzMzVaO2tuVzlHdzdMTDZ1QzMyT1JmRGNZbGc9PTt7IlRhcmdldEVudGl0eSI6IkxvY2FsQWNjb3VudFNpZ25VcFdpdGhSZWFkT25seUVtYWlsIiwiT3JjaGVzdHJhdGlvblN0ZXAiOjN9&tx=StateProperties=eyJUSUQiOiIzYTlmMzVlNi01MWUxLTQwYjctOWVlOS1kOWM4MDgxZmY4ZDYifQ&p=B2C_1A_signup_invitation&diags=%7B%22pageViewId%22%3A%22e25ebe04-1601-460d-b3a8-1d958c8155b8%22%2C%22pageId%22%3A%22SelfAsserted%22%2C%22trace%22%3A%5B%7B%22ac%22%3A%22T005%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A3%7D%2C%7B%22ac%22%3A%22T021%20-%20URL%3Ahttps%3A%2F%2Fmytenant.b2clogin.com%2Fstatic%2Ftenant%2Ftemplates%2FAzureBlue%2FselfAsserted.cshtml%3Fslice%3D001-000%26dc%3DPNQ%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A50%7D%2C%7B%22ac%22%3A%22T019%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A8%7D%2C%7B%22ac%22%3A%22T004%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A2%7D%2C%7B%22ac%22%3A%22T003%22%2C%22acST%22%3A1612350407%2C%22acD%22%3A2%7D%2C%7B%22ac%22%3A%22T035%22%2C%22acST%22%3A1612350410%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T030Online%22%2C%22acST%22%3A1612350410%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T017T010%22%2C%22acST%22%3A1612350438%2C%22acD%22%3A1075%7D%2C%7B%22ac%22%3A%22T002%22%2C%22acST%22%3A1612350440%2C%22acD%22%3A0%7D%2C%7B%22ac%22%3A%22T017T010%22%2C%22acST%22%3A1612350438%2C%22acD%22%3A1077%7D%5D%7D
Gives following message:
We can't sign you in
Your browser is currently set to block JavaScript. You need to allow JavaScript to use this service.
To learn how to allow JavaScript or to find out whether your browser supports JavaScript, check the online help in your web browser.
And the last call uses POST method
https://mytenant.b2clogin.com/mytenant.onmicrosoft.com/B2C_1A_signup_invitation/client/perftrace?tx=3a9f35e6-51e1-40b7-9ee9-d9c8081ff8d6&p=null
gives 404 error message
Basically, after the signup from the invitation URL I am not able to sign in to my application. I am not sure if there is any conflict between the two RP files or if I am missing anything.
The problem is here
https://github.com/rbagree/B2CSignupSigninInvite/blob/main/signup_invitation.xml#L63
The log shows it cannot find this key. Just remove this entire technical profile as it should already exist in your base file.

Handling multiple facebook pages

I'm currently developing a bot for Messenger. It works just fine for my page; now the thing is, we'd like that bot to work for multiple pages, even pages that are not ours, so a couple of questions:
How can I add other pages to my Messenger webhooks? Do I have to become an admin of that page and do it manually on Facebook devs every time I want to add a new user?
When I get a new message I can retrieve its page ID, but from there I need to get a page access token every message, right? So that I know what page to message, because right now my token is just a hardcoded string... So basically, how to receive messages from different pages and distinguish them? I've been reading their page access token docs but can't seem to make it work: GET /{page-id}?fields=access_token,
(https://graph.facebook.com/1071071872997492?fields=access_token), this keeps returning "An access token is required to request this resource", I'm sure I'm not understanding something right, help would be greatly appreciated, any question ask away, thanks.

Trying to send a document through a trigger

I'm currently trying to automate the process of creating a DocuSign document and sending it by putting it into an Apex trigger. I have managed to get the DocuSign API (via WSDL) into my org, and now I'm trying to add the code into the trigger to send out the document. Without pasting the entire code here, I've been following this tutorial and have gotten all of the required code into my trigger. Unfortunately, when I run it, I get this error:
11:40:49.965 (12965647595)|FATAL_ERROR|System.VisualforceException: Getting content from within triggers is currently not supported.
Trigger.OpportunityTrigger: line 109, column 1
Does this mean that it's not possible to send a document in a trigger? The tutorial sends it through a controller, is that the only currently supported method?
Thank you for any help you can give me!
EDIT:
So I've gotten past that error (using a different tutorial), and am now getting this error.
System.CalloutException: Web service callout failed: WebService returned a SOAP Fault: This User lacks sufficient permissions. User does not have the permision to the CreateEnvelopeFromTemplates method faultcode=soap:Client faultactor=https://demo.docusign.net/api/3.0/dsapi.asmx
This appears to be a problem with the DocuSign user I am using for sending this document. I am currently using CreateEnvelopeFromTemplates to try and send a templated document out to up to 5 recipients.
I ended up phoning DocuSign Support and asking them about the issue. Turns out that the last error was caused by me trying to authenticate and sign into DocuSign with my userID, not the AccountID (switched those around and the permission error went away).
Another error showed up related to not having roles set up properly in my template (fixed that by setting up the role), and now everything is working fine. I'm answering my own question to leave it as a reference to future searchers.
Create a callout from the trigger
Then get the request from a REST method
Then continue to get the pagereference content
You can find an example here

Passing get Request parameters through Url to the managed bean for login validation in jsf1.2

I have a requirement where the portal application that is being developed in JSF 1.2 and Spring 2.5 will be launched from within an iPad app. After the user logs into the iPad app, the user clicks on the portal link available and the iPad app in turn will be passing the user credentials through a GET request URL, which I will have to validate and redirect them to the home.xhtml page if the validation is successful; else I will have to redirect them to an error page. I have been searching Google a lot to see how this can be implemented. Finally I found that it requires a phase listener to implement this, but I am not sure how this can be done or if there is any other way. Please tell me how this can be done using a phase listener (if possible with an example). Also suggest if I can use any other means to do this. Any help is much appreciated.
Thanks in advance.
I found a way to implement this. I am giving the solution that I used so that it might help someone else.
I am using a servlet filter to get the parameters from the URL and then I am validating the credentials with the data stored in the DB. Then if the credentials are valid I am redirecting the user to the home page. If the credentials are invalid then I am redirecting the user to the error page. Done.

Using 'Facebook login' with C# SDK, plus ASPNET Membership Integration

I followed the tutorial page on doing the basic Facebook authentication and login, but it seems to create a redirection loop.
The parent page sets up a listener which, on authResponseChange, redirects to a handler.
The handler then gets the token and redirects back to the parent page
Which then sets up a listener, logs in, triggers authResponseChange and redirects to the handler. Etcetera...
Have I misunderstood something, or is this a bug or expected behaviour? I need to find a way to NOT have this happening.
Secondly, the documentation for 'Using Facebook & ASP.NET Membership for Authentication' is obviously not ready, but I would appreciate some pointers on how you would advise doing it.
EDIT: I presume that both of these issues would be fixed with the same solution, i.e. getting the handler to redirect to a new page which creates a new ASPNET Membership user based on the Facebook credentials. However, I am unsure how to do this as the documentation for this section just says TODO. Any pointers? Would you need to just extend the Profile system to store the access token and Facebook ID? Or am I on totally the wrong track?
On another demo here some folks said it was a problem with IE9/Chrome and cookies on localhost. Pointing to 127.0.0.1 and running it on IIS fixed the issue for me.
