So I'm integrating RHSSO (based on keycloack) with RH Business Central (RHPAM) as authoring instance and no matter what I do after it redirects from the RH-SSO login page to the target/landing page of the RHPAM/BusinessCentral I always get the Login failed: Not Authorized
I have already followed the steps detailed here but still no-go; has anyone come across this before?
https://access.redhat.com/solutions/6859451
enter image description here
if it come to page with error unauthorized message usually there are role mapping issues, please double check if user indeed has roles that needed for login to rhpam central.
Related
I'm currently troubleshooting a login issue for a deployed Moodle. Login page uses an alternate page which I have managed to identify. The alternate page considers everything except successful login as invalid or expired login or password.
Since some correct login and password are also getting the same issue.I am trying to restore the Moodle instance to use its default login page but did not find any $CFG->alternateloginurl configuration set in moodle.php. Kindly please provide any pointers you can think of on where to look next to restore the login page.
PS: I've also searched within the active theme, and there has not been any code changes. Uses a variant of Moove
Thank you
Rest assured that its a common issue
https://docs.moodle.org/401/en/Managing_authentication#Alternate_login_URL
There is an entry in the database
SELECT *
FROM mdl_config
WHERE name = 'alternateloginurl'
Note the value, just in case, then blank it out
UPDATE mdl_config
SET value = ''
WHERE name = 'alternateloginurl'
Then purge the cache to update Moodle
php admin/cli/purge_caches.php
When you do manage to log in, check which other authentication methods are active via
Site administration > Plugins > Authentication > Manage authentication
https://docs.moodle.org/401/en/Managing_authentication
The default methods are manual and email self registration
Although self registration is disabled by default in the settings on the same page (registerauth)
I have created dashboard and shared it to other computer which is demo user with the role-> kibana_dashboard_only_user.
now when i open shared with demo user login credentials it shows error like
Internal Server Error
Error: Internal Server Error
SearchError#http://10.42.35.14:5601/bundles/commons.bundle.js:3:298201
_callee2$/<.searching</<#http://10.42.35.14:5601/bundles/commons.bundle.js:4:324908
processQueue#http://10.42.35.14:5601/built_assets/dlls/vendors.bundle.dll.js:427:199687
scheduleProcessQueue/<#http://10.42.35.14:5601/built_assets/dlls/vendors.bundle.dll.js:427:200650
$digest#http://10.42.35.14:5601/built_assets/dlls/vendors.bundle.dll.js:427:210412
$apply#http://10.42.35.14:5601/built_assets/dlls/vendors.bundle.dll.js:427:213219
done#http://10.42.35.14:5601/built_assets/dlls/vendors.bundle.dll.js:427:132717
completeRequest#http://10.42.35.14:5601/built_assets/dlls/vendors.bundle.dll.js:427:136329
requestLoaded#http://10.42.35.14:5601/built_assets/dlls/vendors.bundle.dll.js:427:135225
Does the user have read permissions on the index? Just dashboard permissions alone are not enough; this is unfortunately not super obvious.
The user (or role) needs to have at least the read permission on the desired index in addition to the dashboard-only role.
Check the documentation here:
https://www.elastic.co/guide/en/kibana/current/xpack-dashboard-only-mode.html#grant-read-access-to-indices
BTW the feature has generally been reworked and is deprecated in the old form
As you might know, for loading images from Facebook in our application (in my case AS3) we have to load following policy file:
Security.loadPolicyFile('https://fbcdn-profile-a.akamaihd.net/crossdomain.xml');
otherwise we get following error:
SecurityError: Error #2122: Security sandbox violation: Loader.content: http://test cannot access http://profile.ak.fbcdn.net/v22941/254/15/q652310588_2173.jpg A policy file is required, but the checkPolicyFile flag was not set when this media was loaded.
you can find related question here.
I have a Facebook application that is running for long time without problem, but what I am facing today which is bizarre, is that the application gives the same security error message while loading NEW PROFILE PICTURE, and for the profile pictures that have been uploaded about 2-3 weeks ago or earlier, there is no problem.
My question is that did Facebook change its policy? Is it a problem form my side or something is wrong from Facebook? I have googled to see if the Facebook's policy or something else has been changed, but I did not found any clue.
If you go to https://fbcdn-profile-a.akamaihd.net/crossdomain.xml you will see that it returns an error (403 Forbidden: You don't have permission to access /36477/crossdomain/pics-crossdomain.xml on this server) so Flash never gets a valid crossdomain file.
This is an issue that Facebook needs to address.
I know of no way to have Flash ignore crossdomain errors.
I am using ZendFramework2 with zfc-user and ZfcRbac for authorization and access control. I have setup everything to work with database managed role. Now when a user navigate to an un-authorized page, I am getting the error page You are not authorized to access this resource which is thrown by ZfcRbac
Actually I have configured in my zfc-rbac.global.php to redirect to the 403 page. my settings are below.
ZfcRbac\Exception\UnauthorizedException
--
'unauthorized_strategy' => [
'template' => 'error/403'
],
How do I send the user to 403 page?
EDIT
The right answer is to attach the UnauthorizedStrategy in the onBootstrap
$t = $e->getTarget();
$t->getEventManager()->attach(
$t->getServiceManager()->get('\ZfcRbac\View\Strategy\UnauthorizedStrategy')
);
ZfcRbac per default doesn't do anything but throw the exception. The power of ZfcRbac then lies within it's many, many customizable features. The one you should be looking at is found under the Documentation-Section "Strategies".
In short
register the redirection strategy on your Modules onBootstrap
if required, change the redirection strategies configuration
I'm using Membership API with forms authentication.
Sometimes, when a user try to go to login.aspx page (for example
www.mysite.com/login.aspx), there is a redirect event happening and the address bar shows something like this www.mysite.com/Login.aspx?ReturnUrl=Login.aspx
I'm like to draw attention to that: User enter his login and password and then he will be redirected to a login page again.
I have tried to reproduce this bug under my debug session, but I couldn't.
Tell me please why it is happening?
Are you having roles problems? Does the user have access to the return URL page?
Without more information, I can't really suggest any answers, but you might find SO:62013 or Forums:1318557 or this blog post helpful.
If not, take a look in your Trace log and see if you're ever getting to your return URL. In the problem I'm having at the moment I can see:
19 9/7/2010 5:50:03 PM /login.aspx 302 POST View Details
20 9/7/2010 5:50:03 PM /Default.aspx 302 GET View Details
21 9/7/2010 5:50:03 PM /login.aspx 200 GET View Details
so I'm getting a successful login, but my return URL is redirecting back to the login. (I'm about to raise this as a question on here myself).
But my first guess would be to look at roles. Can you edit the question to add in the appropriate section of your web.config (and remember to remove any sensitive data first ;o)