I have requirement that once user has logged in and is authenticated URL should be changed to SSL and when he logs out url is back to HTTP.
I am aware about Properties in webpart where we can set YES/NO/INHERITS/NEVER.
I am able to set HTTPS permanently but not dynamically.
Any suggestion/help is appreciated.
I'm not aware of any functionality within Kentico to do this, but you should be able to create a webpart and place it on the masterpage. This web part would just check the current user, and if there is a user that is logged in redirect to https version and vice versa.
You could also add some logic to make sure it doesn't do this in the the edit tab in cmsdesk.
You can check the user with
CMSContext.CurrentUser
Some help with redirecting to the secure page can be found at
asp.net c# redirecting from http to https
As rocky said there is not functionality out of the box that will do this for you.
You need to create a web part like it was suggested by Lukek that checks that the user is logged in and redirects them to the https address.
The code below will redirect.
if (!Request.IsLocal && !Request.IsSecureConnection)
{
string redirectUrl = Request.Url.ToString().Replace("http:", "https:");
Response.Redirect(redirectUrl);
}
As suggested bu lukek you need to check the CMSContext.CurrentUser however I would also use the HttpContext.User property.
That will enforce the request to be https.
Related
is that possible to make Spring Security 3.2.7.RELEASE redirect user to another host after logout? I can't force it to use another host. I'm using some kind of SSO access system and that might be a problem.
Example:
My app is started on http://myAppUrl:8080/webapp1/
Users access it through http://ssoAccess:80/webapp1/ and that leads to real url, but in browser i still see ssoAccess url all the time (like some kind of proxy)
I want to make logout button from http://myAppUrl:8080/webapp1/logout.xhtml
to logout then redirect to http://ssoAccess:80/appList
When logout-success-url is set to "http://ssoAccess:80/appList" it redirects to http://ssoAccess:80/webapp1/http://ssoAccess:80/appList which is obviously not correct url returning 404.
I tried logout-success-handler as well, but still same problem. I also tried to make #Controller that has method returning "redirect:http://ssoAccess:80/appList" on endpoint that is pointed by logout-success-url. Still no luck.
I'm also using JSF.
Please help!
A simple trick is that you create a logout.xhtml page in webapp1 that redirect's to appList.
logout.xhtml:
<script language="javascript">
window.location.href = "http://ssoAccess:80/appList"
</script>
We have a multi-site environment where each site has its own redirect URL. We want to use a single Client ID and Secret for our application but register multiple redirect URIs to it. Is it possible to add multiple URLs in below registration form:
I don't think there is possible solution to add on multiple URLs on the SharePoint online app registration form.
But from what i understand there is another way to achieve use a single Client ID and Secret for application and perform multiple redirects.
You can control the redirect url using the appredirect.aspx by specifying the redirect_uri parameter if you need to redirect from the default one check here for reference.
Basiclly it call the subsite page containing the below JS to install the app.
var url = String.format(
"{0}/_layouts/15/appredirect.aspx?client_id={1}&redirect_uri=https://***.azurewebsites.net/<<controller>>/<<view method containing the code to install the app>>?{{StandardTokens}}",
<<subsite url>>, "<<client id>>");
window.location.href = url;
The above javascript calls the appredirect.aspx page which then calls the app site as below,
https://****.azurewebsites.net/home?SPHostUrl=<<subsiteurl>>&SPLanguage=en-US&SPClientTag=1&SPProductNumber=**&SPAppWebUrl=<<weburl>>
Note: The above can be extended to check for the successful installation of the app and display an error message accordingly.
SPWeb.LoadAndInstallWeb equivalent REST / Javascript CSOM is also available here.
Here are some relevant links:
Use the redirect URL in an add-in that asks for permissions on the fly
Redirect URIs and a sample redirect page
As part of a session security feature I am checking $ENV{REMOTE_ADDR} to make sure the users IP is the same during the whole stay on a website.
Some parts of the website show a waiting screen, if for example the rendering of a file takes some seconds, and I redirect the user to a result screen by the use of a meta tag <meta http-equiv="refresh" content="$time; URL=…">.
Unfortunately after this redirect the $ENV{REMOTE_ADDR} variable does not return the users IP but the one from the server.
Is there something I am missing to get this to work properly and/or are there alternatives I could use to redirect the user?
For various reasons htaccess or http-header redirects are not an option and I don't want to use JavaScript for this.
I am already using a 'click me' button to allow the user to manually skipping the wait.
You could try to alter between temporary/permanent type of redirect. Check in server logs, the the http code is 301 or 302?
I misread the accesslogs … it was actually a different script executed on the server, therefore having the servers IP, which caused all this.
When I'm trying to authenticate a user it tells me I need a valid redirect uri.
Where can I change, fix or add it?
I am using the Deezer javascript SDK.
Thanks.
You have to complete 2 steps:
Create an application on http://developers.deezer.com
Set the right domain for that application. For example, YOUR_APPLICATION_DOMAIN.com is right, http://www.YOUR_APPLICATION_DOMAIN.com is wrong.
Setting a wrong application domain in the Edit section of your application will make the user login fail with the following message: "You must enter a valid redirect uri".
I got the same error until I removed the http:// from the "application domain" parameter defined at developers.deezer.com.
ie. use: application domain: subdomain.example.com rather than http://subdomain.example.com
Simply trying to change the Secure Canvas URL to the SSL one provided by hostgator hatchling account (as described at: "http://support.hostgator.com/articles/ssl-certificates/ssl-setup-use/how-to-make-your-facebook-app-ssl-secure") however when tryin to change the Secure Canvas URL the following erroro happens:
Error
There was a problem saving your changes. Please try again later.
Word on the web is that FB blocked Hostgator public ssls so if this is the case are there any redirect tricks or something before simmply changing domain or getting one of those personal SSL certs... thanks
Copied this from the first comment in the thread on this page: https://developers.facebook.com/bugs/470696239634134/ . It worked for me!
for hostgator shared SSL you have to add the port 443. example: "https://secure123.hostgator.com:443/~username/"