Vaadin 23 restore tabs state after external authentication with IdP - vaadin

I implemented layouts - MainLayout and JobsLayout with @ParentLayout(MainLayout.class).
The application looks like:
Currently I'm fully authenticated and accessed the path Jobs -> Post a Job
The Post a Job route requires the user to be fully authenticated. For authentication, I use Keycloak.
The issue is with an unauthenticated user who would like to access the Post a Job route.
At this point, the system correctly forwards the user to Keycloak login page and then returns to /jobs/create route. Everything works fine except the tabs state is not restored:
As you may see from the picture below:
The Home and All Jobs tabs are selected.
Is there any way to select the Jobs and Post a Job tabs instead? Such tabs are located in layouts and I don't know how to access such components from the Post a Job view.

1. Question how to activate the tab
You would need to add the location to the URL and implement BeforeEnterObserver. There you can then activate the correct tab.
2. Question how to get the current URL
UI.getCurrent().getPage()
.executeJs("return window.location.href")
.then(jsonValue -> System.out.println(jsonValue.asString()));
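
One way to do what the answer describes, as an added example rather than the poster's code: the layout implements BeforeEnterObserver and selects its tab from the target location. The AppLayout base class, tab labels and route prefixes are assumptions; JobsLayout would do the same for its own tabs.

```java
import com.vaadin.flow.component.applayout.AppLayout;
import com.vaadin.flow.component.tabs.Tab;
import com.vaadin.flow.component.tabs.Tabs;
import com.vaadin.flow.router.BeforeEnterEvent;
import com.vaadin.flow.router.BeforeEnterObserver;
import java.util.LinkedHashMap;
import java.util.Map;

// Hypothetical MainLayout: tab labels and route prefixes are assumptions.
public class MainLayout extends AppLayout implements BeforeEnterObserver {
    private final Tabs tabs = new Tabs();
    // Route prefix -> tab, most specific first; the empty prefix is the fallback.
    private final Map<String, Tab> tabsByPrefix = new LinkedHashMap<>();

    public MainLayout() {
        Tab home = new Tab("Home");
        Tab jobs = new Tab("Jobs");
        tabsByPrefix.put("jobs", jobs);
        tabsByPrefix.put("", home);
        tabs.add(home, jobs);
        addToNavbar(tabs);
    }

    @Override
    public void beforeEnter(BeforeEnterEvent event) {
        // Runs on every navigation, including the first one after the IdP
        // round trip. The path has no leading slash, e.g. "jobs/create".
        String path = event.getLocation().getPath();
        for (Map.Entry<String, Tab> entry : tabsByPrefix.entrySet()) {
            String prefix = entry.getKey();
            if (prefix.isEmpty() || path.equals(prefix)
                    || path.startsWith(prefix + "/")) {
                tabs.setSelectedTab(entry.getValue());
                return;
            }
        }
    }
}
```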

Related

Azure AD not redirecting to the original request url rather goes back to Root

I have an ASP .Net MVC5 application using Azure AD Authentication. Whenever I enter URL, it takes me for authentication (if not done already) using a URL of this sort.
https://login.microsoftonline.com/[tenantID]/oauth2/v2.0/authorize?
There are 3 questions:
1. Can I say it's using OAuth2?
2. If someone enters a URL for a page, e.g. https://mydomain/Category/View/1, then it goes for auth (which is alright), but then post successful authentication, it should redirect me to the originally requested URL, but currently it's taking me to the root URL https://mydomain. But subsequent ones work fine once authenticated.
3. Currently the auth happens every 1 hr, I believe. How can I extend it to every 4 hrs?
Will be helpful to see your suggestions.
Cheers.
According to your description of point 2, would you like to achieve that, visiting a url -> direct to login page -> redirect to that url? If so, I think this document can help you.
In my opinion, if I wanna a demo app or app just for simple test, just add all possible URLs to the redirect configuration form. If I need to do a formal app or I need to make it easy to maintain, I use the idea in the above document. I think the central thought is creating a specific place to control URL redirecting, including judgment, and only need to add this specific URL to the redirect configuration in Azure portal. If you wanna a sample, maybe this document will help you.
To point 3, emmm perhaps you can search for some key words like 'azure ad authentication set token lifetime policy'. I found several PowerShell scripts but I haven't tested them. If you haven't got the result I will do some tests on it next Monday.

F5 redirect to different domain along with useragent

Our production application is configured with F5.
If request comes from mobile to http://xxx.abc.com/show.aspx?show=homePage
I want to create a rule in F5 to redirect to a different domain like
http://xxx.xyz.com/show.aspx?show=homePage
My doubt here is: if the initial URL contains User Agent since users are browsing from mobile, after the rule is created is the User Agent also passed along by default?
The URL that we are trying to redirect to should also contain User Agent since my application renders mobile pages based on useragent.
Thanks
The answer for your question is on Devcentral.f5.com:
https://devcentral.f5.com/questions/simple-url-redirect-irule
There are several ways to achieve what you're looking for and also include or exclude user agent data. It will depend on exactly what the redirected server needs. Just search on DevCentral for URL Redirect and you'll get more answers than you'll need. Here's an overview of URL redirections:
https://devcentral.f5.com/articles/2-minute-tech-tip-url-redirects

Redirect multiple domains to same azure website with custom parameters

I have a scenario where I have a web site that will be used by multiple customers.
But I do not want to publish the web site to each customer's domain. Instead I will publish the web site to an Azure web site, for example mywebsite.azurewebsites.net, and I want all the customers' domains to redirect to this mywebsite.azurewebsites.net, but I need to know which customer this is so I can display the correct content. For example, I am thinking about appending or sending a hidden custom parameter in the query string or such.
What I need to know is:
1. How can I redirect all the domains to mywebsite.azurewebsites.net?
2. How can I pass hidden parameters in the redirect? For example, any request from the customer domain, e.g. "www.cust1.com/Home/Index", will be redirected to "mywebsite.azurewebsites.net/Home/Index?username=testuser" and "www.cust1.com/Home/Index?querystring=ffff" to "mywebsite.azurewebsites.net?querystring=ffff&username=testuser"
I do not want to publish any web site content on the customer web site that means the customer domain root directory will be empty.
There are quite a few different ways you can do this.
The first thing you need to determine is: How are you going to handle the redirection to mywebsite.azurewebsites.net?
Are you going to place code directly on the customer's website to redirect?
Do you have access to the customer's DNS, allowing you to forward their site to mywebsite.azurewebsites.net?
Do you want to create a CNAME record and point it to your Azure Website?
Method #1
If you have access to the customers website then this becomes the easiest method.
As you described above, I would simply redirect the user back to your site with some type of custom url i.e mywebsite.azurewebsites.net/customer1 .
When the user hits this page you could then set a cookie in their browser so that you know where they came from and then redirect them to the home page at mywebsite.azurewebsites.net. This would happen almost instantly and the customer would never notice.
Method #2
If you are able to forward the domain or they can only redirect the user to the main website at mywebsite.azurewebsites.net, you can simply look for the referring URL when the request comes in. Then, as you do above, based on the referring URL you can set your cookie and show the proper content.
Method #3
This is assuming you have access to the customer's DNS records and are able to create a CNAME record for www.customerwebsite.com -> mywebsite.azurewebsites.net
In that case, when the user visits the site you would just pull down the HOST and then set your content based on that.
The specific code is here:
string url = HttpContext.Current.Request.Url.AbsoluteUri;
// http://localhost:1302/TESTERS/Default6.aspx
string path = HttpContext.Current.Request.Url.AbsolutePath;
// /TESTERS/Default6.aspx
string host = HttpContext.Current.Request.Url.Host;
// localhost
You can find more information here: How to get the URL of the current page in C#
Let me know if you have any questions or end up implementing any of these solutions.

grails redirect after successful login

I'm currently building a web shop (which is supposed to support multi tenancy).
So my approach is to have a url setup like
appName/shops/shop1/controller/action
appName/shops/shop2/controller/action
Depending on the shop (shop1 or shop2) I have a different assortment. Then I have a list with items and a button to add them to the shopping cart. This action is secured and only accessible for logged-in users.
My problem is the following:
Default behaviour when clicking the "secured" button is to get redirected to appName/login/auth. This way I'm losing the context of the shop that the user was browsing. I'm not sure if I can provide the context/shop to the auth process in a way that I can redirect to the respective shop after a successful login.
Another approach would be to provide a custom button instead that redirects to the login page if the user is not logged in which provides the context/shop name.
You can use the following scheme for the urls instead:
shop1.appName/controller/action, shop2.appName/controller/action. The login URLs for each of the subdomains (shop1, shop2) will be: shop1.appName/login/auth, shop2.appName/login/auth. This way the context will never be lost. In case you want the logged-in user to also be able to access appname/otherController/action (without logging in again), you may need to do something like this: http://www.intelligrape.com/blog/2012/03/21/sharing-http-session-between-subdomains/

How to use Grails Spring Security Plugin to require logging in before access an action?

I know that I can use annotation or Request mapping to restrict access to an ACTION by some specific ROLES. But now I have a different circumstance.
My scenario is: every user of my site can create posts, and they can make their own post public, private, or only share it with some other users. I implement sharing a post by a database table PERMISSION, which specifies whether a user has the right to view a post or not.
The problem that arises here is that when a customer accesses a post through a direct link, how can I determine whether he/she has the privilege to view it? There are 3 circumstances:
1. The post is public, so it can be viewed by anyone (including a not-logged-in user).
2. The post is private, so only the logged-in owner can view it.
3. The post is shared, which means only the logged-in user it is shared with and the owner can view it.
I want to process it like this:
If the requested post is public: ok.
If the requested post is private/shared: I want to redirect the customer to the login page; after logging in, the user will be redirected to the page he wants to see.
The problem here is that I can redirect the user to login controller/ auth action, but after that I don't know how to redirect it back. The link to every post is different by post_id, so I can't use SpringSecurityUtils.securityConfig.successHandler.defaultTargetUrl
Does anyone know a way to do this?
Dunno about grails, but spring security has a spring-security-redirect parameter which can be used to redirect the user to the specified url on successful authentication.
I think you could add your own filter that will be executed before the action is called and do the verification of the post permissions there. You can find more information about Grails Filters here.
Have you looked at the Grails Spring Security ACL plugin? I don't know it very well, but it's designed to restrict access to particular instances:
http://grails.org/plugin/spring-security-acl
I have found a quick workaround for this problem:
If the user is logged in: check the user's privilege, and return the appropriate result.
If the user is not logged in: At view action, set the post_id by:
session.post_id = 8
Redirect the user to the Login Controller/ Auth action.
At checkrole action(which is my grails.plugins.springsecurity.successHandler.defaultTargetUrl in Config.groovy), if session.post_id exists, use it to build the link for re-directing to the view action. Before redirecting, clear the session.post_id.
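
The Azure AD answer's "specific place to control url redirecting, including judgment" and the spring-security-redirect parameter mentioned above both end in the same step: deciding whether a requested post-login target may be followed. An added example of that check, not code from any of the posts; the class name, fallback path and sample inputs are assumptions:

```java
import java.net.URI;
import java.net.URISyntaxException;

/** Decides where to send the user after a successful login. */
public final class PostLoginTarget {
    private static final String DEFAULT_TARGET = "/"; // assumed fallback page

    /** Returns the requested target if it is a local path, else the default. */
    public static String resolve(String requested) {
        if (requested == null || requested.isEmpty()) return DEFAULT_TARGET;
        // Only absolute paths on this site: "/x", never "//host" or "/\host",
        // which browsers treat as another origin.
        if (requested.charAt(0) != '/' || requested.startsWith("//")
                || requested.startsWith("/\\")) return DEFAULT_TARGET;
        // Control characters could split the Location header.
        for (int i = 0; i < requested.length(); i++) {
            char c = requested.charAt(i);
            if (c < 0x20 || c == 0x7f) return DEFAULT_TARGET;
        }
        try {
            URI uri = new URI(requested);
            // Second check after parsing: a local path has no scheme or authority.
            if (uri.getScheme() != null || uri.getRawAuthority() != null) {
                return DEFAULT_TARGET;
            }
            return uri.normalize().toString();
        } catch (URISyntaxException e) {
            return DEFAULT_TARGET; // spaces, backslashes, other malformed input
        }
    }

    public static void main(String[] args) {
        String[] samples = { // constructed inputs
            "/post/view/8", "/shops/shop1/cart/add?item=3",
            "https://example.org/", "//example.org/x", "/\\example.org", null };
        for (String s : samples) {
            System.out.println(s + " -> " + resolve(s));
        }
    }
}
```

The session.post_id workaround avoids this check altogether because the target is rebuilt on the server from an ID rather than taken from the request.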
