After submitting my Github credentials, I see the following error, even though those credentials are correct:
IntelliJ can't login to Github
Try using github.com as host address and your nickname as login.
Also, use the token instead of the credentials, this is supposed to be safer.
It should, in theory, work. If not, either:
You made a typo in your credentials.
The IDEA couldn't reach the host because its network messages were blocked on their path by a firewall or anything else. Make sure you can ping github.com and that the HTTPS (I think it's the on used here) port (443) isn't blocked by your gateway. You can also check for port 22 if you want to use SSH.
Related
We have a web application written using Liferay 6.2 and deployed on tomcat server. Application is accessed using Integrated Windows Authentication. Everything works fine if hostname is directly used to in url to access.
To hide the actual hostname, a CNAME record was created. When that is used to access, users get repeated prompts for credentials and authentication is rejected despite entering correct credentials.
We tried creating SPN for CNAME using the command setspn -a "HTTP/<<friendly name>>". Since connection is made on standard port 443 using HTTPS, no port number was specified when creating SPN. However, repeated authentication prompts still continue to appear. The application runs using a service account. Including the service account when creating SPN could be an option. Please share if there are any suggestions on what else could be tried.
What does "everything works fine" mean? Are you getting prompted and when you enter creds it works correctly, or it does SSO and logs you in without a prompt?
The fact that you're getting prompted is because a) the new cname isn't considered to be in the intranet/trusted internet zone. See Internet Options > Security > Local Intranet/Trusted Sites > Sites. Or b) the requested ticket sent to the server failed.
Also usually you don't register the cname as an SPN. You register the A record the cname is pointing to as the SPN. My guess is this is causing the failure. The SPN is getting registered to the wrong service account so the KDC is using the wrong service account key.
We recently changed the IP-address on a server hosting one of our services based on .NET Web API 2.
The service is using OAuth2, providing external logins via Facebook/Google.
We're still using the same server and the same host name for our services, only the IP-address has changed. Now I'm getting back my login URL with "&error=access_denied" whenever I try to login using Facebook/Google.
I have checked every setting in both Facebook's and Google's developer consoles but nothing seems to apply. If I remove the OAuth redirect URI, I get an error that the URL is blocked, so the settings seems to take effect.
What have I missed?
Funny how asking a question makes you think even more outside of the box. The culprit was that wrong DNS-server was set on the web host.
I'll see myself out...
I'm trying to insert http://localhost:4000/api/myroute as returlURL
on https://developer.paypal.com.
Paypal displays this message :
We are sorry something went wrong while saving application please try again...
So, localhost seems be forbidden but the last week, it's was ok.
How can i enter localhost url ?
Please, do not answer me the 127.0.0.1 solution.
"localhost" to PayPal's server, is themselves, so if they tried to redirect to http://localhost/whatever, it would just go right back to their own server, and that URL most likely wouldn't exist, and you'd end up with a 404 at the PayPal server.
If you want to test on your local server you're going to need to setup DNS to point some sort of a domain to your public IP address there, and make sure your web server is configured to answer to that domain as well.
For example, your site might be www.domain.com. Lookup your public IP address there, and then create a DNS record for domain.com that points sandbox.domain.com to your public IP address there.
Then you can use http://sandbox.domain.com anytime you need to work with PayPal (or anything else) and it'll work the same as "localhost" is for you now, but 3rd party servers will be able to communicate with your application as expected. This will also allow you to have other people on different networks test/demo the site with you.
I have an issue with appears to occur randomly (however i suspect it occurs when starting up the application or changing the application settings). The error I'm getting is as follows:
An attempt was made to access a socket in a way forbidden by its access permissions 127.0.0.1:80
The particular error in my case occurs when trying to generate a authentication token using Identity Framework by making requests to the following url:
https://domainname/api/token
Note that the api/token url is specified within the owin pipeline > OAuthAuthorizationServerOptions > TokenEndpointPath. This get set on startup of the application.
From my understanding 127.0.0.1:80 is azures localhost and is forbidden for us to access, i'm not sure why its defaulting to localhost as a domain, my educated guess is something is happening during the startup that's first setting the host to localhost.
My question is does anyone else get this on startup (while the site is warming up) for azure web apps?
Have i configured something incorrectly for me to be getting this behavior?
I know this is a little open ended but is there anything i can do to resolve this issue?
That is the well-known issue described in the official documentation. You may not to access not just a 127.0.0.1, but i suspect that the problem is even a little different - it looks like something is wrong with the :80 port usage. IIS use that port, and i would try to change the port used by your app.
However, from your description is not clear who is that guy who tries to do that - your app tries to do something with the 80 port, or the Azure WebApp functionality.
Please try to start from the eliminating the possibility of some renewing events by enabling Always On in the Azure Web App setting. It will make your web app always on, and will help to understand if that is caused by the service.
I need to develop a Facebook app, and while I request my SSL certificate, I need to start the project because I have few time to deliver it.
Is it possible to use localhost as the "Secure Canvas URL"? This field requires that the URL begins with https, so I don't know the correct way to do it (in the case that using localhost is allowed).
First of all you need to set up your server to answer HTTPS requests.
Then you create a self-signed SSL certificate – not sure if that works for the domain name localhost, but I’d recommend setting up a local domain, such as mytest.local anyway (the .local being the important part here), make your server listen to that, and your system resolve it to your local IP address, f.e. via its hosts file.
And then you tell your browser to accept that self-signed certificate … and you’re good to go.