Guacamole custom authentication extensions leading direct client connection page - guacamole

I am trying to auto login the guacamole from another website ( having iframe to load guacamole ). so i tried with custom authentication extension there i have fixed static username and password to login. now its automatically redirecting into http://samplesite.org/guacamole/#/client/{encriptionkey}. but i want to load after login landing page. could anyone help me on this.

Related

Freshdesk OAuth SSO: Freshdesk Login Page Doesn't Ping My Auth Page?

I'm trying to connect to Freshdesk using OAuth 2.0, for single sign-on from my app. My app is serving as it's own OAuth identity provider. I've set up my Authorization url on Freshdesk -- let's call it https://www.myWebApp.com/auth:
So now for testing purposes I go to the URL that Freshdesk support provided for a user to initiate the single sign-on process:
https://myWebApp.freshdesk.com/login/normal
...and I see a nice sso-style login screen:
I enter a correct email and password for one of my site users and click "Login".
Now in the Chrome network tab, I would expect to see Freshdesk trying to ping my Authorization URL. But I don't. I see this:
When loaded, my auth page (https://myWebApp.com/auth) pings my server, which issues a console.log() message, and my server logs show no such console log message -- so Freshdesk doesn't seem to be pinging my auth page at all.
What is keeping Freshdesk from pinging my auth page as it should?
There is probably a fair bit here that you have in place already but I am just adding it in for completeness.
Logged into the backend and on the security page for contacts
https://stackoverflow.myfreshworks.com/security/contacts
[stackoverflow == your site :) ]
you will have to create a Custom Policy if you don't have one in place already (this is different to the one for Agents)
And for that configure your SSO with Oauth 2.0
Then , if you have at least one SSO configured your login (at https://stackoverflow.freshdesk.com/support/login ) should look like this:
Where (1) now appears. That will be the link to ping your server via the urls you set up for the SSO:
If you only have one SSO set up for your contacts that link (1) should complete the sign-in process directly and then you should end up logged into Freshdesk as the specific contact.
If you had two SSO options set up; for example:
..when you clicked the link (1) on the https://stackoverflow.freshdesk.com/support/login page, you should then be redirected to a page with those two options:
The url for that page is something like (parameters will be different for you):
https://stackoverflow.myfreshworks.com/login
?redirect_uri=https://stackoverflow.freshdesk.com/freshid/customer_authorize_callback
&client_id=14416083630394368&slug=6117145232763
I am imagining you could use that as a direct link to the portal on your main site.
If you only have one SSO option set up you should be able to navigate directly to the link as above and then see :
which is probably what you are aiming for.
I changed the name of that button (Sign in with contacts SSO) just to be sure I was using the right one and to differentiate from the login for agents. You can change the text under the Advanced Options when configuring the SSO:
Hope this helps you along the way - if you have any other questions on this post them as comments.

Having problem while trying to access the idp url after using saml plugin in grails for SSO

I have installed a SAML plugin in Grails in my local project. I am able to see a page created from the plugin where I can click a button to go the IDP selection page. But when I am trying to go to the IDP selection page it is not working, a blank white screen is coming up and the URL to which the IDP page is redirected, I guess does not exist in the plugin.
Can someone please help me out in this? I am trying this for many days to understand how SAML will work but did not get any breakthrough.
Whne i isntall the plugin after thqt the idp selection option is coming.Please check the screenshot as reference
But after clicking on idp selection option blank page is coming.screenshot given for reference.

JHipster OAuth2 + Keycloak user related use case

From various googling and reading https://www.jhipster.tech/security/#oauth2 , I gathered that in order to have mobile/social integration with JHipster generated app I should use OAuth2. Am I right to think this way? (I can't seem to find a clear cut answer to this)
I created a new application with JHipster v5.1.0 with OAuth2 enabled. I noticed a couple of features missing with regards to user management. Below are my questions.
How does a new user register a new account?
How does a user change password / reset forgotten password?
Hopefully someone with experience on the above can help clarify.
Thank you in advance.
For social login, yes your best option is OAuth 2.0. You can use JWT for mobile development with React Native (via JHipster Ignite) and Ionic (via Ionic for JHipster), so it's not necessarily required for mobile.
For user registration and change password, you'll need to enable those options in Keycloak or Okta. This blog post shows you how.
To summarize:
For Keycloak, you can enable registration by navigating to http://localhost:9080 and click on Administration Console. Login with admin/admin and click on the Login tab. This screen allows you to enable forgot password, remember me, and verify by email as well.
To enable self-service registration in Okta, you’ll need to navigate to the Classic UI from the Okta Developer Dashboard. There’s a link to toggle between the two in the top left corner of your screen.
Then navigate to Directory > Self-Registration and click Enable Registration. Set the default group to ROLE_USER, the Default redirect to a Custom URL with http://localhost:8080 as its value, and click Save.
NOTE: If you get an error that says 'http://localhost:8080' is not a valid redirect URI, it’s because you need to add http://localhost:8080 as a trusted redirect under Security > API > Trusted Origins. After making this change, navigate to Directory > Self-Service Registration and edit the settings to configure the custom URL again. It should work this time.

How to add default homepage to Relying Party when using Windows Identity Foundation?

Integrating WIF into regular ASP.NET 4.0 website.
I have STS setup and when I navigate to my RP website, it redirects me to STS Login page.
What I want to do is I have Home.aspx in my RP. It is a public page open to everyone. It has have a Login link. When the I click that link it takes me to the STS login page and upon logout I get redirected to Home.aspx again.
Issue:
I have set in RP's web.config to allow access to everyone to Home.aspx and Set up as the startup page. I also have it setup as Default document. But when I navigate to my site, it takes me to STS Login page.
Why doesn't it take me to home.aspx?
If I manually modify the url to go to home.aspx, it is allowing me.
Any ideas?
Update:
Found this: http://social.msdn.microsoft.com/Forums/en-US/Geneva/thread/71806907-393f-4782-9c30-971be94a2b62/
But that's really a weird workaround.
The link shows how to unprotect a page i.e. a page that can be accessed without a redirect to ADFS.
You could simply put a link on that page that goes to the ADFS login page.

How to get the rubycas-server login form to display?

I have installed rubycas-server on my server. I have a ruby app that supports CAS on mysite.com. I would like to have the rubycas-server login page at login.mysite.com.
I have followed the instructions at http://code.google.com/p/rubycas-server/wiki/HowToConfigure and configured my config.yml file.
I have started the rubycas-server but I don't see a login form at login.mysite.com. There isn't anything on login.mysite.com. I have setup the uri_path to login.mysite.com. I thought that it would display the login form when I start the rubycas-server but it doesn't. I guess I am still missing something. What am I suppose to put on login.mysite.com in order for the login page to display? Is there suppose to be another ruby app?
Sorry, I am new to this.
Remember that the CAS is a single sign-on app and the CAS login page is meant to be central to all of your applications. So a typical usage would be that you have your CAS server running on one machine, and the login will be at somedomain.com/cas. Then you have a bunch of applications that want to authenticate, at mysite1.com, mysite2.com, etc. If you try to browse to a CAS-protected page in one of those applications, you'll be redirected to somedomain.com/cas, where you'll sign in, and then CAS will redirect you back to the page you wanted on, say, mysite2.com.
Out of the box, you should see the login by going to the domain that rubycas-client is installed on and going to /cas.
Basically, it sounds like you're expecting the login page to be part of your application, and with CAS, it's not.

Resources