Unable to bookmark WSO2 login URL - SAML

-->User opens the Service Provider URL and the WSO2 login screen is presented for entering credentials
-->User adds a browser bookmark for the current page to be able to access it in the future
-->The bookmark works fine for a period of time, then it stops working properly; the following error is displayed after entering the credentials
The reason for the error is that the WSO2 login page has some parameters in the URL that expire after a period of time, specifically sessionDataKey, which is an identifier for a particular Service Provider.
Can someone help resolve this issue?

This was a known issue and seems to be fixed in the next release.
https://wso2.org/jira/browse/IDENTITY-5199
As a workaround, users can bookmark the landing page after the login. Then, if there is no valid session, they will be redirected to the login page.

Related

Response state param did not match request state error when integrating Flutter with Keycloak

I am implementing authentication for a Flutter app using Keycloak. My flow is:
When opening the app for the first time, the user is redirected to the Keycloak login page, which has an email input
After entering the email, a magic link is sent to that email address to authorize
When the magic link is clicked, the app is opened and redirected to the Keycloak authentication page. If the link is valid, the user is forced to register WebAuthn passwordless
After successful registration, back to the app
I've already implemented the magic link authenticator and it's working fine. My problem is that when I get back to the app, I get the error: "Response state param did not match request state". I guess that's because the app opens the browser twice: the first time to open the email input form to log in and the second time when opening the magic link.
I've searched on the internet but can't find a solution. Any solution or hint?
Thanks.
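The mismatch above is what a client sees when it keeps a single "current state" slot and a second browser launch overwrites it. Below is an added example (not the poster's code and not Keycloak's client library) of a client-side store that tracks every outstanding authorization request by its own state value, so either callback can still be verified while unknown, replayed or expired states are rejected; the endpoint URL, client id and redirect URI are hypothetical.

```python
import secrets
import time
from urllib.parse import urlencode, urlparse, parse_qs

# Hypothetical Keycloak authorization endpoint used only for this example.
AUTHORIZE_ENDPOINT = "https://keycloak.example/realms/demo/protocol/openid-connect/auth"
STATE_TTL = 300  # seconds a pending state stays valid


def state_of(url):
    """Extract the state parameter from an authorization or callback URL."""
    return parse_qs(urlparse(url).query).get("state", [None])[0]


class PendingStates:
    """Keeps one entry per outstanding authorization request, keyed by state.

    A single 'current_state' variable would be overwritten by the second
    start() call (the magic-link launch), and the first callback would then
    fail with exactly the mismatch described in the question.
    """

    def __init__(self):
        self._pending = {}  # state -> time the request was started

    def start(self, client_id, redirect_uri, now=None):
        """Build the authorization URL and remember its fresh state value."""
        now = time.time() if now is None else now
        state = secrets.token_urlsafe(32)  # unguessable, one per request
        self._pending[state] = now
        return AUTHORIZE_ENDPOINT + "?" + urlencode({
            "client_id": client_id,
            "redirect_uri": redirect_uri,
            "response_type": "code",
            "scope": "openid",
            "state": state,
        })

    def finish(self, callback_url, now=None):
        """Return the authorization code if the callback's state belongs to a
        live request, otherwise None. Each state is consumed exactly once."""
        now = time.time() if now is None else now
        query = parse_qs(urlparse(callback_url).query)
        started = self._pending.pop(state_of(callback_url), None)
        if started is None:
            return None  # unknown state or a replayed callback
        if now - started > STATE_TTL:
            return None  # stale request, do not accept the code
        return query.get("code", [None])[0]
```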

Redirection not happening after logout to the specified website in Azure AD using SimpleSAMLphp when multiple accounts are present to be logged out

I have developed a SAML application which only uses Microsoft as IdP for successful login and logout of specific users. So after logout, I want Microsoft to redirect me to the website I have configured in the Logout URL of MyApplication in Azure Active Directory. The log-in functionality works every time, but when I log out with only one Microsoft signed-in account present, it logs out perfectly and redirects me to the website I specified. I am facing the issue when I am asked to choose an account to log out from a set of accounts (refer to image): when I select the configured account, it logs me out perfectly but is unable to redirect me to my specified page. The page gets stuck on "You signed out of your account. It's a good idea to close all browser windows." (refer to image). Thus I want to be redirected to the specified page when I am asked to select an account while logging out.
Logout Issue Redirect Image reference
This is a known bug in this library.
Here are some alternatives.
You can use silent logout.
The post logout redirect isn't expected after calling logout. This could be a timing issue.
You can achieve a 'clean' logout by opening a new window and calling logout from there. Then a user is left with an extra open window; but at least they've retained a view of the app and it hasn't lost state.

Facebook Login link redirects straight back to my application without ever showing login dialog

I am attempting to implement a simple Facebook login flow for a web application using HTTP redirects, as detailed at https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow/v2.2.
For the purposes of making this question generic, let's say the application URL is www.example.com/app.php. On the application page, there is a link which directs users to Facebook's OAuth endpoint, where ideally:
they log in to Facebook (if not already logged in) and approve my application permission to access their public profile
they are then redirected back to my application's URL along with some extra parameters appended (e.g. www.example.com/app.php?code=...&access_token=... if the login was successful, or www.example.com/app.php?error_reason=...&error=...&error_description=... if login/app approval was unsuccessful)
The Facebook OAuth endpoint is:
www.facebook.com/dialog/oauth?client_id=12345&redirect_uri=www.xyz.com/app.php
where I have filled in the client_id and redirect_uri parameters with my application's ID and my application's URL respectively.
What actually happens whenever I access the link is that it immediately redirects back to my application's homepage - without ever showing a login dialog of any kind. This happens with Firefox and with Chrome - both when I am logged in to Facebook and when I am not, in normal sessions and in incognito sessions with no plugins enabled. From the browser inspector, I can see that the Facebook OAuth page is definitely requested but is straight away 302 redirecting to my application page with just a code parameter appended.
www.example.com/app.php?code=...
This also happens when the Facebook OAuth link is accessed from pages other than my application's URL (e.g. if I click the link from www.example.com/other_page.htm).
I am unsure what I am doing wrong here; the application URL (www.example.com/app.php) is approved on my app dashboard in as many places as I could find, and changing the request_uri parameter to any other URL results in an error page. I have also tried urlencode()ing my application URL before passing it in the request_uri parameter, but the result remains the same. I don't know what to try next as, as far as I can tell, I have followed Facebook's manual login guide as closely as possible.

Redirection loop: not able to get to the root cause

Here are my pages:
Login Page: if the user login info is valid, redirect to the destination URL (ex: https://int63.xyz.co.uk/base/page/mydetails.jsp), else display the login page
LoginServlet Page: if the user has an open session, redirect to the proper resource, else redirect to the login page
Destination URL: it redirects the request back to the login URL, which then makes it a repetitive call.
In the above scenario, when I clear my browser history and cache and then hit the target page, it gives me the login page as expected. But when I enter correct details it goes into an infinite loop (that's what I can capture in the logs).
The request is getting successfully authenticated on the login page and sent across to the LoginServlet page fine. But I am unsure about what processing is done at the application end and why it redirects back to the login page.
Any ideas how I can solve this problem?
We don't use any .htaccess file; instead we follow the mechanism of Identity and Access Management, wherein we create junctions and control access to them through ACLs.
Thanks all for the help provided on this issue.
I figured out what the problem was.
When I said it was making a redirection loop, it was because of cross-domain request forwarding. It was authenticating the users on abs.com and was sending the request to abs.co.uk, so the page on abs.co.uk was not able to recognize the user and was sending the request back to abs.com, which again forwarded the request to the same page as it had already authenticated this user.
So this cross-domain forwarding of requests was the reason for this loop, which I then fixed by making changes so that it works within the same domain.
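The loop the poster describes can be reproduced with a model of how browsers scope cookies: a session cookie set by the login host is never sent to a different registrable domain, so the destination never sees a session and bounces back. The following is an added example (not the poster's application code) that replays that redirect chain for the abs.com / abs.co.uk hosts named above; the /login path and the optional cookie Domain attribute are assumptions, and a hop budget stands in for a browser's "too many redirects" guard.

```python
from urllib.parse import urlparse

MAX_HOPS = 10  # stand-in for the browser's redirect limit


def cookie_sent(jar, host):
    """A cookie is sent to its own domain or a subdomain of it, never to an
    unrelated domain such as abs.co.uk for a cookie scoped to abs.com."""
    return any(host == d or host.endswith("." + d) for d in jar)


def simulate(login_host, target_host, cookie_domain=None, max_hops=MAX_HOPS):
    """Replay the chain from the question.

    The login page authenticates and sets a session cookie (scoped to
    cookie_domain, or host-only by default), then forwards to target_host;
    the destination bounces back to login whenever it sees no session.
    Returns (hops, looped).
    """
    jar = set()  # domains the session cookie is scoped to
    login_url = f"https://{login_host}/login"  # hypothetical path
    target_url = f"https://{target_host}/base/page/mydetails.jsp"
    hops = []
    url = target_url
    for _ in range(max_hops):
        parsed = urlparse(url)
        hops.append(url)
        if parsed.path == "/login":
            # Login succeeds: session cookie is created for the login host.
            jar.add(cookie_domain or parsed.netloc)
            url = target_url
        elif cookie_sent(jar, parsed.netloc):
            return hops, False  # destination recognises the session
        else:
            url = login_url  # no session visible here: back to login
    return hops, True  # hop budget exhausted: this is the redirect loop
```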

I am stuck in the Facebook server

I have created a website that allows users to use the Facebook login system to register and log in. The system ran well. It could use single sign-on to log in to the system, so the user did not need to input a username and password --- until yesterday.
One of my teammates found that he got stuck in the login system, and the single sign-on does not function anymore. The user needs to input account details whether they are logged in to Facebook or not. The funniest thing is, after the user logs in on the Facebook login system, it does not redirect the user to the "next" URL or redirect them to facebook.com (mostly this means the login system setting had an error). It just gets stuck on the Facebook server with an empty blank page.
This is the link where I get stuck:
https://www.facebook.com/login.php?login_attempt=1&fbconnect=1&display=page&next=(next url)&req_perms=publish_stream%2Cread_stream%2Cemail%2Cuser_photos&legacy_return=1
without a session code, and it does not give any reply.
I want to know if I have set something wrong...
Use of legacy_return was deprecated almost a year ago with the migration to OAuth2, and the endpoints were finally shut down today. Please update your integration per https://developers.facebook.com/docs/concepts/login/