I am trying to run demo of waffle 'waffle filter demo' download from
http://repo1.maven.org/maven2/com/github/dblock/waffle/waffle-filter-demo/1.6/waffle-filter-demo-1.6.war
I am using tomcat as servlet container and deployed the war file.
When I try to access the server with URL http:// localhost:8080/waffle-filter-demo-1.6/ I am able to get authenticated through current windows login and my windows user is authenticated.
But when I access the same url using IP address http:// 192.168.2.63:8080/waffle-filter-demo-1.6/. Waffle is asking me to enter username and password.
Anyone came across this scenario before? How can I get authentication success by access using IP address?
I've solved this problem following https://community.jalios.com/jcms/jx_73408/en/windows-authentication-waffle-plugin-12?cid=jc_84212.
You have to configure the web browser in order for Windows authentication to be sent to remote HTTP server.
To configure Internet Explorer for automatic logon
Open the Internet Options dialog box by choosing Internet Options either from Control Panel or from the Tools menu in Internet Explorer.
In the Internet Options dialog box, on the Security tab, select Local intranet, and then click Custom Level.
In the Security Settings dialog box, under Logon, select Automatic logon only in Intranet zone, and then click OK.
In the Internet Options dialog box on the Security Settings tab with Local intranet still selected, click Sites.
In the Local intranet dialog box, click Advanced.
In the next dialog box (also titled Local intranet), type the URL of your JCMS web site (for example, https://intranet.mycompany.com) in the Add this Web site to the zone box, and then click Add.
In the Local intranet dialog, box click OK.
In the original Local intranet dialog box, click OK.
In the Internet Options dialog box, click OK.
Google Chrome
Google chrome is automatically configured to send the proper credential.
Firefox
The domain of the HTTP server must be added to the trusted domain for Negotiate authentication, using preference network.negotiate-auth.trusted-uris, either through about:config (in address bar) or in prefs.js (in user profil directory).
Read Mozilla.org - Integrated Authentication for more information.
Internet Options from the Internet explorer is applicable for all the browsers. And so If the "Logon From Intranet " option is disabled, it will ask the User name and the password accross all the browsers .
Solution :
Go to Internet Options -> Security -> Custom Level -> Scroll To END ("User authentication") -> Choose either "Automatic logon only in Intranet zone" OR "Automatic logon with current user name and password" .
Sometimes "Automatic logon only in Intranet zone" doesnt work for IP address of other machines within the same network because the browser assumes it as the open IP(Internet).In this case add the ip of the target machine on "Sites"->Advanced. eg : https://10.11.12.13 in the list It should work now !
"Automatic logon with current user name and password" Should solve this issue for any machine across the internet/intranet.
Related
I have successfully completed SSO between OWA and ADFS.
Now the problem is the SSO only works on Chrome and not on Firefox.
On Firefox, OWA sends multiple requests to ADFS and after 6 requests, ADFS gives an error.
ADFS version: 4.0
Windows Server: 2016 Standard
Below is the error from ADFS:
Exception details:
Microsoft.IdentityServer.Web.InvalidRequestException: MSIS7042: The same client browser session has made '6' requests in the last '6' seconds. Contact your administrator for details.
Firefox does not automatically perform Kerberos authentication against any sites. You must manually add sites to a trusted sites list.
To enable Kerberos authentication in Firefox:
Open Firefox and enter about:config in the address bar, Dismissing warnings that appear.
In the Filter field, enter negotiate.
Double-click the network.negotiate-auth.trusted-uris preference.
This preference lists the trusted sites for Kerberos authentication.
In the dialog box, enter the fully qualified domain name of the ADFS server, for example adfs.example.com.
Click the OK button.
The domain that you just entered in the network.negotiate-auth.trusted-uris should now appear in Value column. This setting takes effect immediately; you do not have to restart Firefox.
I need to integrate Microsoft Dynamics NAV web services on the website. They provided me with a list of services URLs to access in a browser to see the XML structure. When I open, I see Sign In window, I enter username and password but window still prompts me to enter details. My IP is whitelisted, server IP as well and I send SOAP requests from server's specific IP. But no results.
I asked them and they told that they can see the XML in a browser. For me, I can imagine why I cannot get any results because if in browser the authentication is not working, it will not work for the server requests too.
I tried to turn off antivirus, restart the internet, tried with other PC,etc...but nothing, same result - looped sign in window
(see the attachment).
Any ideas please? Thanks
This is also not working for me in Chrome. It works in IE/Edge with the credential manager from windows and in Firefox with basic credentials.
You could try to use the Boomerang SOAP and REST Client for Chrome.
I use Web Services only with IE/Edge.
In the background of your Screenshot the page says that you are not authorized (HTTP 401). Is your user also a user in Dynamics NAV/Business Central?
I am trying to locally test my "Continue With Facebook" button. I get this error telling me the URL is invalid. Below is how I have configured my app's OAuth settings. Based on all my research this is configured correctly but something is still wrong.
I am using npm http-server to run a local instance of my site. It is running on localhost:8080
As per the last image, it wont let me add domain such as "http://localhost:8080". It only lets me add "localhost"
If your actual production URL is domain.com then in FB > Settings > App Domains, add the additional URL local.domain.com. Then on your local machine in the /etc/hosts file (or Windows equivalent) add the entry:
127.0.0.1 local.domain.com
In a browser, navigate to local.domain.com and that URL will be served up by your local machine (i.e. localhost). This will keep Facebook Login happy while running a test / development version.
You'll also need to whitelist your machine's IP (in FB > Settings > Advanced > Security > Server IP Whitelist) and add an additional http://local.domain.com/callback (in FB > Facebook login > Settings > Valid OAuth redirect URIs).
Hello I have server with Centos 6.5 64bit Final i have noticed that my subdomains does not work properly for example if i create subdomain: example.domain.com everything is fine you can type that in your browser and it will work but if somebody will type www.example.domain.com it will fail to open instead of subdomain content that i have created it will open zpanelcp login page.
So my question is what i should do in order to get this working is it domain fault or is it server fault and i need something to fix in actual server?
to create a sub-domain on zPanel just follow this steps :
Login to ZPanel as user
Click "Sub Domains"
Enter sub-domain prefix and select the domain
Use create new home directory
Click "Create"
Now go to your domain dns manager not zPanel dns manager "ex : godaddy ..."
Under A (HOST) You will need to add new record for the prefix of your sub domain with your server ip address
Then click "Save Changes"
your dns resolution my take some time to reflect your changes
good luck.
I just read the article here: http://www.asp.net/aspnet/overview/developing-apps-with-windows-azure/building-real-world-cloud-apps-with-windows-azure/single-sign-on
I have just finished building an app that can authenticate users via WAAD, or via a local installation of ADFS on their corporate network (configuration point allows them to select one or the other).
The app will be hosted in Azure. Can someone tell me if it is possible for users who are on their corporate network to login to this Azure app WITHOUT entering their credentials?
Here is the flow:
user navigates to the cloud app
FAM detects they aren't authenticated, and redirects the browser to their ADFS server on the corporate network
ADFS server replies with 401 challenge (I assume this is what's happening)
user sees a user name/password box, and enters in credentials
user is redirected back to the cloud app with a token containing their claims
I don't understand why #4 is required if the user is already on their corporate network. Shouldn't ADFS use Windows Authentication here so they don't have to enter their password? Is there a way to configure ADFS to do this?
Thank you!
This can be accomplished by adding the Url of the ADFS endpoint to the local intranet or trusted sites of Internet Explorer. By default Internet Explorer will pass in the Windows credentials to sites in those two groups. If that doesn't work, you would have to double check that setting hasn't been modified.